IPFW Better way to reload network config

DenisVS

Member


#1
I have an IPFW with a complicated set of rules.
Bridge, nat, fwd, redirect_port, wlan, and several tables are present here.
There are several jails on the host, connected by a local network.
If I edit my network config and run /etc/rc.d/netif restart && service routing restart, this gives a bad result. Some of the services will be unavailable, some of them will be disabled.
Probably IPFW needs to be restarted too, but taken together this will lead us to catastrophe, given that I have ssh access only.
How do I accomplish this properly? Or is a server reboot the only "true way"?
 

VladiBG

Well-Known Member


#2
If you want to reload only the ipfw rules, you must first check whether there's an ipfw -q -f flush command at the top of your rule file. If your rule file is located in /usr/local/etc/ipfw.rules, you can type
sh /usr/local/etc/ipfw.rules
 

butcher

Member
Developer


#3
You can take a look at the /usr/share/examples/ipfw/change_rules.sh script. It provides a way to reload rules more safely.
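
Added example, not part of the thread and not the code of change_rules.sh: one way to reload rules with an automatic rollback when ssh is the only way in. It runs the new rule file the way post #2 does, then restores the known-good file unless a confirm file appears within the timeout. The function name, the confirm-file mechanism and the sample paths other than /usr/local/etc/ipfw.rules are assumptions.

```shell
#!/bin/sh
# Added example: apply a new ipfw rule file and roll back unless confirmed.
# Assumed (not from the thread): function name, confirm-file mechanism,
# the ".new" rule file and the confirm-file path shown in the usage comment.

# safe_reload NEW_RULES OLD_RULES CONFIRM_FILE [TIMEOUT_SECONDS]
# Both rule files are shell scripts that begin with "ipfw -q -f flush",
# so running either one completely replaces the active ruleset.
safe_reload() {
    new_rules=$1 old_rules=$2 confirm=$3 timeout=${4:-60}

    [ -r "$new_rules" ] && [ -r "$old_rules" ] || {
        echo "rule file missing or unreadable" >&2
        return 2
    }
    rm -f "$confirm"    # a stale confirmation must not count

    # Apply the candidate rules; if the script itself fails, roll back at once.
    if ! sh "$new_rules"; then
        echo "new rules failed to load, restoring old rules" >&2
        sh "$old_rules"
        return 1
    fi

    # Wait for the operator to create the confirm file from a NEW ssh login,
    # which proves that fresh connections still pass the new ruleset.
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        if [ -e "$confirm" ]; then
            rm -f "$confirm"
            echo "confirmed, keeping new rules"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done

    echo "no confirmation within ${timeout}s, restoring old rules" >&2
    sh "$old_rules"
    return 1
}

# Runs only when called with arguments, for example (hypothetical paths):
#   nohup sh safe_reload.sh /usr/local/etc/ipfw.rules.new \
#       /usr/local/etc/ipfw.rules /var/run/ipfw.confirm 60 &
if [ "$#" -ge 3 ]; then
    safe_reload "$@"
fi
```

Start it under nohup (or inside tmux or screen) so the rollback still fires if the current session is cut off, then log in again and touch the confirm file to keep the new rules.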
 