Remote ipfw module loading dangerous, because, if your firewall rules don’t right, you can lose remote access to the server. To prevent this create at(1) job with `kldunload ipfw’ command. If module loaded and you can login to server remotly with ssh(1) client just delete this job.
Checklist:
- Create /etc/rc.firewall script with ipfw rules;
- Make sure about remote access using ssh(1) through firewall;
- Create at(1) job with `kldunload ipfw’;
- Load ipfw module using `kldload ipfw’;
- Try got access to allowed services;
- If all right delete at(1) job.
No comments:
Post a Comment