Re: blocklistd: How to keep my dynamic IP from getting blocked

[Mayuresh <mayuresh%acm.org@localhost>]

On Fri, Apr 02, 2021 at 11:20:18AM -0700, Greg A. Woods wrote:
> Just tell blocklistd not to block that IP!

I posed my question like that originally! Something led me to believe that
this needs to be done at npf level, which could be my misunderstanding.
But thanks for containing the drift.

Just looked at man blacklistd.conf

I guess nfail=* (means never) is what I have to use? And this entry with
ip address would be in [remote], right?

What is unclear is the precedence - when one spec says block it and
another one says don't, how does blocklistd resolve it?

I do see this:

     Matching is done first by checking the local rules individually, in
     the order of the most specific to the least specific.  If a match is
     found, then the remote rules are applied.  The name, nfail, and
     disable fields can be altered by the remote rule that matched.

Does it mean [remote] simply overrides [local]?

-- 
Mayuresh