2005-11-28

Every now and then you'll make a mistake while updating firewall rules and lock yourself out. There's a nice trick to avoid this, if you're disciplined to take the following steps:

1. Copy the existing firewall rules to a new file
   
2. Schedule an update to the firewall rules with the existing firewall rules within 30 minutes
   
3. Edit the firewall rules in the new file
   
4. Load the new firewall rules and test them
   
5. Remove the scheduled update and copy the new file to the old file

If the new firewall rules lock you out in step 4, you won't be able to remove the scheduled update and the old rules will be loaded in 30 minutes or so!

Thanks to an experienced sysadmin for this tip...