Re: blacklistd question

To: current-users%netbsd.org@localhost
Subject: Re: blacklistd question
From: christos%astron.com@localhost (Christos Zoulas)
Date: Mon, 9 Jan 2017 03:15:34 +0000 (UTC)

In article <Pine.NEB.4.64.1701090646110.2716%speedy.whooppee.com@localhost>,
Paul Goyette  <paul%whooppee.com@localhost> wrote:
>I was looking at the blacklistd (and related) man-pages, and I'm not 
>sure I understand how it works.  Perhaps someone can enlighten me.
>
>The man page references socket(s) on which blacklistd listens for 
>notifications, but it doesn't seem to indicate what programs are 
>(currently capable of) sending reports to the socket(s).  apropos(1) 
>doesn't seem to find any references from other man pages to provide 
>additional clues.
>
>The example in blacklistd.conf(5) seems to imply that sshd will send 
>notifications, but nothing in the sshd man page confirms this.  Also, 

I have not modified the man pages of any of the programs that I've made
aware of blacklistd.

>the example uses "*" for the connection type and protocol, but it seems 
>that "stream" and "tcp" would be better choices?  Is the use of "*" 
>simply a means of avoiding separate IPv4 and IPv6 rules?  (And if so, 
>shouldn't there be a separate parameter for address family?)

It does not matter. You can have separate v4 and v6 rules or you can
have the same rule take care of both.

christos

References:
- blacklistd question
  - From: Paul Goyette

Prev by Date: daily CVS update output
Next by Date: npf
Previous by Thread: blacklistd question
Next by Thread: npf
Indexes:

Home | Main Index | Thread Index | Old Index