From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-119235-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1PhUtM-0006FM-2w
	for garchives@archives.gentoo.org; Mon, 24 Jan 2011 22:28:08 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id AACB7E0A9C;
	Mon, 24 Jan 2011 22:26:45 +0000 (UTC)
Received: from mx.virtyou.com (mx.virtyou.com [94.23.166.77])
	by pigeon.gentoo.org (Postfix) with ESMTP id 74464E0A9C
	for <gentoo-user@lists.gentoo.org>; Mon, 24 Jan 2011 22:26:45 +0000 (UTC)
Received: from [192.168.2.43] (p5791059C.dip.t-dialin.net [87.145.5.156])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by mx.virtyou.com (Postfix) with ESMTPSA id 892E839A022
	for <gentoo-user@lists.gentoo.org>; Mon, 24 Jan 2011 23:26:44 +0100 (CET)
Message-ID: <4D3DFC7F.7090302@wonkology.org>
Date: Mon, 24 Jan 2011 23:26:07 +0100
From: Alex Schuster <wonko@wonkology.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] modifying iptables: how can I prevent locking me
 out?
References: <4D3DC94F.4020904@gmail.com>	<AANLkTin98-=p88PHnB+n_+nHgBbKxC4BAwxcoQTTV6eE@mail.gmail.com> <20110124215057.014e9e60@digimed.co.uk>
In-Reply-To: <20110124215057.014e9e60@digimed.co.uk>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 
X-Archives-Hash: 6492af79a6c8bce1d1d1f062500b9d30

Neil Bothwick writes:

> On Mon, 24 Jan 2011 10:59:16 -0800, Mark Knecht wrote:
> 
>> Maybe a cron job that no matter what reloads the old rules 1 hour later?
> 
> Wouldn't at make more sense? You don't want the thing to keep reloading
> your old config, at will do it once, and you can remove the task from the
> at queue once you successfully log back in.
> 
> echo "command to reload old rules" | at now + 1 hour

I usually do a
	sleep 10m && restore the state
in a screen session. If things are okay and I can login, I re-attach the
screen and cancel the sleep with Ctrl-C. If I cannot login, I have to
wait 10 minutes.

	Wonko