blocklistd configuration

To: "netbsd-users%netbsd.org@localhost" <netbsd-users%netbsd.org@localhost>
Subject: blocklistd configuration
From: Sad Clouds <cryintothebluesky%gmail.com@localhost>
Date: Fri, 21 Nov 2025 09:11:56 +0000

Hi, I'm trying to configure blocklistd but it seems I'm missing
something. If I simulate ssh login failure, it is not registered via
blocklistd and "blocklistctl dump -a" shows an empty list.

I simulate ssh login failure on mue0 interface, so I put ruleset
"blocklistd" there. NPF does not allow to have the same ruleset in
multiple groups, but I think "blocklistctl dump -a" is separate from
NPF and should display something regardless of NPF settings.
Any suggestions?

/etc/rc.conf:
npf=YES
npfd=YES
npfd_flags="-d 5"
blocklistd=YES
blocklistd_flags="-r"

/etc/npf.conf:
$ext_if = "axen0"
$int_if = "mue0"

set bpf.jit on;
alg "icmp"

... skip part of config

group "internal" on $int_if {
        ruleset "blocklistd"
        pass final all
}
group default {
        pass  final on lo0 all
        block final all apply "log"
}

/etc/blocklistd.conf 
# adr/mask:port type    proto   owner           name    nfail   disable
[local]
ssh             stream  *       *               *       3       12h
*               *       *       *               *       3       60s

Prev by Date: Re: Windows 10 or 11 as guest on Netbsd/amd64 with nvmm + sound?
Previous by Thread: Has anyone gotten NetBSD 10 to work on an RPI5?
Indexes:

Home | Main Index | Thread Index | Old Index