From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1PhUvF-0006bE-TI for garchives@archives.gentoo.org; Mon, 24 Jan 2011 22:30:06 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id AC80FE0AA3; Mon, 24 Jan 2011 22:28:02 +0000 (UTC) Received: from mail-wy0-f181.google.com (mail-wy0-f181.google.com [74.125.82.181]) by pigeon.gentoo.org (Postfix) with ESMTP id 5C9C6E0AA3 for ; Mon, 24 Jan 2011 22:28:02 +0000 (UTC) Received: by wyf22 with SMTP id 22so6204042wyf.40 for ; Mon, 24 Jan 2011 14:28:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:to:subject:date:user-agent:references :in-reply-to:mime-version:content-type:content-transfer-encoding :message-id; bh=vUeDxdnY2PQQzhKJ80U8pLk9XcWoXww7ulQ+ZLigwug=; b=Ow40e51QP1OPi2CmxWlCokDDQwfA9T/NeDSaDb2bACMslORW8Op+9IJRDsBJS9t3ob cx5LsJFo5ghLzdV9JwNjYUOaa/vzpFg9b/NpXMLNz/swg4u8DniHd928kCOeaGLh021r +2gBP1J3DyxSZLFGzHh8fOu/qnvXK1tTKj6/0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:references:in-reply-to:mime-version :content-type:content-transfer-encoding:message-id; b=J7vW/Du7Epq7JDrThFtx+lg9vpFbLvZTRb3Mm8xz8UBGZy50+4ByYTH33W3Jyieeb0 ayxCw81r6gPARqGs1bVcaV7sjAPKR1mDsXljK1XgTwwzBe1bklGhg0DOoaXAQhU/BL8p CXMnV7MKfL7Ji5xGTydgTutbY6kq5eWvSHMYQ= Received: by 10.227.157.1 with SMTP id z1mr5167024wbw.23.1295908081584; Mon, 24 Jan 2011 14:28:01 -0800 (PST) Received: from nazgul.localnet (196-215-42-107.dynamic.isadsl.co.za [196.215.42.107]) by mx.google.com with ESMTPS id y29sm4513664wbd.22.2011.01.24.14.27.59 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 24 Jan 2011 14:28:00 -0800 (PST) From: Alan McKinnon To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] modifying iptables: how can I prevent locking me out? Date: Tue, 25 Jan 2011 00:28:32 +0200 User-Agent: KMail/1.13.5 (Linux/2.6.37-ck; KDE/4.5.5; x86_64; ; ) References: <4D3DC94F.4020904@gmail.com> <20110124215057.014e9e60@digimed.co.uk> In-Reply-To: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <201101250028.33198.alan.mckinnon@gmail.com> X-Archives-Salt: X-Archives-Hash: d0d754795ca5294c3f8a411c6b2fd60b Apparently, though unproven, at 00:14 on Tuesday 25 January 2011, Mark Knecht did opine thusly: > On Mon, Jan 24, 2011 at 1:50 PM, Neil Bothwick wrote: > > On Mon, 24 Jan 2011 10:59:16 -0800, Mark Knecht wrote: > >> Maybe a cron job that no matter what reloads the old rules 1 hour later? > > > > Wouldn't at make more sense? You don't want the thing to keep reloading > > your old config, at will do it once, and you can remove the task from the > > at queue once you successfully log back in. > > > > echo "command to reload old rules" | at now + 1 hour > > > > > > -- > > Neil Bothwick > > As a one-off test absolutely. There's no such thing as a once-off test :-) "Oh shit, it's still not working after 19 retries, 6 hours work, and extensive googling" most definitely does exist. Maybe I'm just paranoid, or maybe I just screwed up myself too many times, but I'd feel safer with cron for this. Cancelling it when done is equally easy whether cron or at -- alan dot mckinnon at gmail dot com