NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: blocklistd: How to keep my dynamic IP from getting blocked

At Fri, 2 Apr 2021 11:24:53 +0530, Mayuresh <> wrote:
Subject: Re: blocklistd: How to keep my dynamic IP from getting blocked
> I can store a whitelist in a file and when it changes I can trigger (say)
> reload of npf. (I might possibly do something like tail -f on a file to
> trigger this. And a client side job will update the file.)
> But the next question is, I need npf to not entertain request from
> blocklistd to block a whitelisted ip stored in a file. Can someone suggest
> how to do this?

The way you are asking the question makes it sound like you are trying
to make the most complex, convoluted, confusing, and difficult solution

It can be much easier than that!

Just tell blocklistd not to block that IP!  (and of course also
trigger blocklistd to reload its configuration at the same time)

I.e. have the script which is triggered by a change in the remote
network IP edit /etc/blocklist.conf every time that IP changes to
replace the old IP with the new IP, and then after it has saved the
change it can just run "/etc/rc.d/blocklistd reload".

I.e. if you don't want blocklistd to update your firewall rules for a
certain IP or range, then just ask it not to do so in the first place!

					Greg A. Woods <>

Kelowna, BC     +1 250 762-7675           RoboHack <>
Planix, Inc. <>     Avoncote Farms <>

Attachment: pgpqmNaAxdMek.pgp
Description: OpenPGP Digital Signature

Home | Main Index | Thread Index | Old Index