Re: Why doesn't NetBSD recognize my entries in /etc/hosts?

[Eric Haszlakiewicz <erh%nimenees.com@localhost>]

On September 16, 2015 3:30:43 PM EDT, Ottavio Caruso <ottavio2006-netbsd%yahoo.com@localhost> wrote:
>On 16 September 2015 at 19:06, Johnny Billquist <bqt%update.uu.se@localhost>
>wrote:
>> On 2015-09-16 19:09, Ottavio Caruso wrote:
>>>
>>> RE:
>http://mail-index.netbsd.org/netbsd-users/2014/04/27/msg014543.html
>>>
>>> I put domains that I want to block in /etc/hosts preceded by 0.0.0.0
>>> but I can still ping them.
>>>
>>> I rebooted, but I can still ping them.
>>>
>>> Then I have mass-changed all entries from 0.0.0.0 to 127.0.0.1 and I
>>> can still ping them.
>>>
>>> Rebooted, same thing.
>>>
>>> Why can I do this effortlessly with Windows and Linux but not with
>NetBSD?
>>
>>
>> First of all, using /etc/hosts as a way of block domains is extremely
>> unreliable and not really a meaningful way of actually block
>anything.
>
>Why? It works on other platforms?
>
>>
>> Second, I guess you haven't heard of /etc/nsswitch.conf. It also
>exists in
>> Linux. It tells which methods are used, and in which order. It might
>be that
>> you have dns before files.
>
>I've checked my nsswitch.conf, it's files before hosts
>
>>
>> Changing a destination to 127.0.0.1, and then pinging it, why would
>you
>> expect it to not work. 127.0.0.1 will most likely respond to pings.
>> Pinging 0.0.0.0 will also give some result. Most probably your
>default
>> gateway machine.
>
>Yes, I didn't express myself correctly. I meant that I ping the
>original host, not 127.0.0.1.
>
>BTW, rebooting TWICE produced the intended result. I wonder why I had
>to reboot twice.

Fwiw, using /etc/hosts sounds entirely reasonable for what you're trying to do (and hosts.deny, though having a similar name, is pointless to look at).

Do additional changes require a reboot?  If so, something is really odd.  Changes to /etc/hosts should take effect immediately.  Maybe use ktrace/kdump to see if it's actually being read?

Eric