Happened to me in work once… I was connected via SSH to one of our test machines, so I could test connection disruption handling on a product we had installed.
I had a script that added iptables rules to block all ports for 30 seconds then unblock them. Of course I didn’t add an exception for port 22, and I didn’t run it with nohup, so when I ran the script it blocked the ports, which locked me out of SSH access, and the script stopped running when the SSH session ended so never unblocked the ports. I just sat there in awe of my stupidity.
We’ve all experienced the walk of shame to the server room to hook up a monitor keyboard.
Ah, if only it was a server room and not a customer 3 hours drive away. And he’d closed and gone home for the night.
Fortunately it just needed a reboot, and I was able to talk him through that in the morning.
Oof… well you can just say “it must be some hardware problem or something… maybe a reboot will fix it.”
Oof I did a firmware upgrade on my main external firewall.
The upgrade went fine but when we added an ISP a month or so prior, I forgot to redistribute the ISPs routes. While all my ISPs were technically working, and the firewall came back up, nothing below it could get to the internet, so it was good as down.
Cue the 1.5 hour drive into the office…
Had that drive to think about what went wrong. Got into the main lobby, sat down, joined the wifi, and fixed it in 3 minutes.
Didn’t even get to my desk or the datacenter.
the script stopped running when the SSH session ended
tmux
Always use tmux when possible for remote connections.
Out of curiousity, how would nohup make your situation different? As I understand, nohup makes it possible to keep terminal applications running even when the terminal session has ended.
If the script was supposed to wait 30 secs and then unblock the ports, running with nohup would have allowed the ports to be unblocked 30 secs later. Instead, the script terminated when the SSH session died, and never executed the countdown nor unblock.
I accidentally put all the interfaces on my router running openwrt into the wrong firewall zone so now I can’t access it via ssh or the web interface. I already had it configured though and it still works so I’m just ignoring the problem until something breaks
Sounds like my Unifi experience with the old CloudKeys that liked to brick themselves if the wind blew in a way they disliked. Everything still ran fine, but I couldn’t manage any of it till I factory reset it all. I think it ran like that for 3mo before I could be bothered 😅
Whistles and looks away
I have absolutely no idea what you’re talking about
😜
UFW is a software firewall. SSH is a way to remote into computers. The joke is they turned on UFW and got locked out of the machine.
I’m pretty sure it was a joke.
Everyone did this at some point, but nobody would admit such a silly thing happened to them.
Hehe. I was joking there.
Have done it randomly on my backup raspi 3 so many times 🤣
Firewallcmd’s runtime-to-permanent is one of my favorite features of any software. Set everything up, make sure everything works before making the changes permanent. If not, just reboot!
Happened to me, luckilly I kept an ssh connection up.
Now I make sure to enable the firewall rules before I enable ufw ( still happened to me 3 more times ).
