At Fri, 2 Apr 2021 11:24:53 +0530, Mayuresh <mayuresh%acm.org@localhost> wrote:
Subject: Re: blocklistd: How to keep my dynamic IP from getting blocked
>
> I can store a whitelist in a file and when it changes I can trigger (say)
> reload of npf. (I might possibly do something like tail -f on a file to
> trigger this. And a client side job will update the file.)
>
> But the next question is, I need npf to not entertain request from
> blocklistd to block a whitelisted ip stored in a file. Can someone suggest
> how to do this?

The way you are asking the question makes it sound like you are trying
to make the most complex, convoluted, confusing, and difficult solution
possible.

It can be much easier than that!

Just tell blocklistd not to block that IP!

(and of course also trigger blocklistd to reload its configuration at
the same time)

I.e. have the script which is triggered by a change in the remote
network IP edit /etc/blocklist.conf every time that IP changes to
replace the old IP with the new IP, and then after it has saved the
change it can just run "/etc/rc.d/blocklistd reload".

I.e. if you don't want blocklistd to update your firewall rules for a
certain IP or range, then just ask it not to do so in the first place!

-- 
Greg A. Woods <gwoods%acm.org@localhost>

Kelowna, BC     +1 250 762-7675           RoboHack <woods%robohack.ca@localhost>
Planix, Inc. <woods%planix.com@localhost>     Avoncote Farms <woods%avoncote.ca@localhost>
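A sketch of the update script the reply describes, added here as an example and not part of the original message. It assumes IPv4 only, a hypothetical `# dynamic-allow` comment line placed directly above the entry to rewrite, and a config path passed as an argument; the function names are illustrative, and the reload command is the one quoted in the message.

```shell
#!/bin/sh
# Added illustration; the marker comment and function names are assumptions.
MARKER='# dynamic-allow'   # hypothetical tag placed on the line above the entry

# Accept only a dotted quad (octets 0-255) so nothing else reaches the config.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i > 255) exit 1 }'
}

# set_allowed_ip CONF NEW_IP -> 0 changed, 1 already current, 2 refused
set_allowed_ip() {
    conf=$1 new=$2
    is_ipv4 "$new" || return 2
    grep -qxF "$MARKER" "$conf" || return 2      # no tagged entry: touch nothing
    tmp=$(mktemp "$conf.XXXXXX") || return 2     # same directory, so mv is atomic
    # Rewrite only the address at the start of the line after the marker,
    # keeping the rest of that entry (port and remaining columns) as written.
    awk -v m="$MARKER" -v ip="$new" '
        prev == m { sub("^[^:/ \t]+", ip) }
        { prev = $0; print }' "$conf" > "$tmp" || { rm -f "$tmp"; return 2; }
    if cmp -s "$conf" "$tmp"; then rm -f "$tmp"; return 1; fi
    mv "$tmp" "$conf"    # note: the file takes mktemp's 0600 mode
}

main() {   # usage: script CONF NEW_IP
    rc=0; set_allowed_ip "$1" "$2" || rc=$?
    case $rc in
        0) /etc/rc.d/blocklistd reload ;;         # command given in the message
        1) : ;;                                   # unchanged: skip the reload
        *) echo "refusing to edit $1" >&2; return 1 ;;
    esac
}

if [ "$#" -eq 2 ]; then main "$@"; fi
```

Validating the address before writing matters because the new IP arrives from a remote client job; anything that is not a plain dotted quad is refused and the file is left untouched.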