NetBSD-Bugs archive
bin/54168: Wrong IPv6 parsing in blacklistd.conf(5)
>Number: 54168
>Category: bin
>Synopsis: blacklistd.conf requires dummy port wildcard with IPv6 networks
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon May 06 13:40:00 +0000 2019
>Originator: Martin Neitzel
>Release: NetBSD 7.2_STABLE 2019-05-05
>Organization:
Gaertner Datensysteme, Marshlabs
>Environment:
System: NetBSD hackett.marshlabs.gaertner.de 7.2_STABLE NetBSD 7.2_STABLE (GENERIC) #10: Mon May 6 00:23:20 CEST 2019 neitzel%hackett.marshlabs.gaertner.de@localhost:/scratch/obj/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
Specifying an IPv6 network without a port specification in the
blacklistd.conf(5) "[remote]" section elicits an error message
like
    blacklistd[706]: getnum: /etc/blacklistd.conf, 16: Bad number for service []
to be logged. The same syntax works just fine for IPv4 networks
(and is part of the /usr/share/examples/blacklist/blacklistd.conf
file).
>How-To-Repeat:
Add a whitelisting entry such as
    [remote]
    [2a00:1030:100::]/48 * * * * * *
to your blacklistd.conf,
    /etc/rc.d/blacklistd restart
and
    tail /var/log/messages
or whatever to see the complaint about the "bad service".
It is unclear whether such a configuration entry line is completely ignored
or in use nevertheless. (It would be nice if blacklistctl(8) could reflect
the loaded ruleset.)
>Workaround:
Use a dummy wildcard port specification like this:
    [2a00:1030:100::]/48:* * * * * * *
>Fix:
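Added example, not part of the original report and not blacklistd's own parser: a small Python check that scans a blacklistd.conf for the entry form described in the report (bracketed IPv6 address with a /mask and no :port) and proposes the workaround spelling. The function name, the constructed sample file and the treatment of lines starting with "#" as comments are assumptions; checking [local] as well as [remote] goes beyond what the report confirms.

```python
import re

# First field of a rule when it is a bracketed IPv6 location:
# "[addr]" optionally followed by "/mask" and ":port".
BRACKETED = re.compile(r"^\[(?P<addr>[^\]]+)\](?P<mask>/\d+)?(?P<port>:\S+)?$")

# Constructed sample configuration (not taken from a real system).
SAMPLE = """\
# constructed sample
[local]
ssh stream * * * 3 24h
[remote]
129.168.0.0/16 * * * = * *
[2a00:1030:100::]/48 * * * * * *
[2a00:1030:100::]/48:* * * * * * *
"""


def find_portless_v6(conf_text):
    """Return (line_no, location, suggestion) for each bracketed IPv6
    location that carries a /mask but no :port specification."""
    findings = []
    section = None
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # assumption: '#' starts a comment line
            continue
        if line in ("[local]", "[remote]"):
            section = line
            continue
        if section is None:
            continue  # rule lines only count inside a section
        location = line.split()[0]
        m = BRACKETED.match(location)
        if m and m.group("mask") and not m.group("port"):
            # Suggest the workaround from the report: append a wildcard port.
            findings.append((line_no, location, location + ":*"))
    return findings


if __name__ == "__main__":
    for line_no, location, suggestion in find_portless_v6(SAMPLE):
        print(f"line {line_no}: {location} has no port; use {suggestion}")
```

Because the report leaves open whether the affected rule is ignored or still applied, a whitelist entry flagged by this check should be treated as possibly not in effect until it is rewritten.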