NetBSD-Users archive


Re: Blacklistd configuration



Hi Joel,

> 	I have installed blacklistd on -10.0 and, if daemon runs fine, it
> doesn't block attacks. I have read several pages and I suppose I have
> done a misconfiguration somewhere.
>
> 	My configuration is very simple. I only have to block ssh. Thus, I have
> written in /etc/blacklistd.conf :

Looks basically good to me, but two ideas to verify things:

(1) It's blAcklistd* up to NetBSD-9, but blOcklistd* from 10 on.
(2) Make sure that wm2 is your outward interface and not, say,
    pppoe (over wm2). You could also simply leave off the "wm2:" spec
    in your config file.

> 	I suppose something is missing between ssh and blacklistd. And I don't
> understand how 'ruleset "blacklistd"' works. man npf.conf doesn't help.

It's documented in blocklistd(8), see "-C" and:

FILES
     /libexec/blocklistd-helper  Shell script invoked to interface with the
                                 packet filter.

							Martin Neitzel

