
[cobalt-users] firewall testing aid



I have 3 RaQ4s, 1 Qube3, 1 RaQ3 running ipchains and one RaQ2 running ipfwadm.
Getting ipfwadm rules to run on the RaQ2 has been particularly troublesome.
After being locked out several times, needing to reboot, I found this snippet of
code on the internet.
Placing this code at the end of my script allows my firewall rules to run for
the value of $TTF, allowing me to test the new rules and then have them go away
after $TTF (time to flush).

# ===== Set TTF to 0 for the firewall rules to run for ever ====== #
# ===== Else set to the number of seconds before flushing rules ==== #
TTF=60
# disable after $TTF seconds.
if test $TTF -gt 0
   then
      echo "Firewall rules running for $TTF"
      (sleep $TTF; \
       ipfwadm -I -f; \
       ipfwadm -I -p accept; \
       ipfwadm -O -f; \
       ipfwadm -O -p accept; \
       ipfwadm -F -f; \
       ipfwadm -F -p accept; \
      ) &
else
   echo "Firewall rules running for ever"
fi
# ========= End of Snippet ========== #
Of course the snippet may be modified for ipchains, and/or another script you
are testing.
Or you could have it run a known good firewall script.

And when you get the new script running, install it to run on boot.

Gerald
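
The timed flush described above, extended to cover ipchains as well as ipfwadm and to let the timer be cancelled once the new rules are confirmed working. This is an added example, not part of the original post; the function names and the FW_RUN hook are hypothetical, and the ipchains lines assume the built-in input, output and forward chains.

```shell
#!/bin/sh
# Added example, not from the original post. FW_RUN is a hypothetical test
# hook: a command prefixed to every rollback command (empty = run for real).
FW_RUN=${FW_RUN:-}

# Print the commands that flush every rule and reset the policies to accept.
open_cmds() {
    case "$1" in
        ipfwadm)                       # flags as used in the post
            for dir in -I -O -F; do
                echo "ipfwadm $dir -f"
                echo "ipfwadm $dir -p accept"
            done ;;
        ipchains)                      # assumes the built-in chains
            for chain in input output forward; do
                echo "ipchains -F $chain"
                echo "ipchains -P $chain ACCEPT"
            done ;;
        *) echo "unknown tool: $1" >&2; return 1 ;;
    esac
}

# arm_rollback TOOL TTF: start the timer and print its PID (TTF=0: no timer).
arm_rollback() {
    cmds=$(open_cmds "$1") || return 1
    [ "$2" -gt 0 ] || return 0
    # Ignore SIGHUP so the timer survives the hang-up of a locked-out session.
    ( trap '' HUP; sleep "$2"
      echo "$cmds" | while read -r c; do $FW_RUN $c; done
    ) >/dev/null 2>&1 &
    echo $!
}

# disarm_rollback PID: cancel the pending flush once the new rules are
# confirmed to work (for example, after opening a second login session).
disarm_rollback() { kill "$1" 2>/dev/null; }
```

At the end of the rules script, call arm_rollback ipchains 60 and note the PID it prints; pass that PID to disarm_rollback (or kill) once a fresh login confirms you still have access.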