NetBSD-Users archive


Re: blocklistd configuration



On Fri, 21 Nov 2025 09:16:02 -0500
Greg Troxel <gdt%lexort.com@localhost> wrote:

> Sad Clouds <cryintothebluesky%gmail.com@localhost> writes:
> 
> > Hi, I'm trying to configure blocklistd but it seems I'm missing
> > something. If I simulate ssh login failure, it is not registered via
> > blocklistd and "blocklistctl dump -a" shows an empty list.
> 
> You say "simulate", but you should be doing ssh from some remote
> address and actually have login failures.  Maybe that's what you meant.
> Make sure blocklistd is running, and then look in /var/log/messages.
> 
> Also, you can have a group for the blocklistd ruleset, with nothing
> else, before the other groups.
> 
> When I run 'blacklistctl dump -a' (n9) I get a few dozen lines.

Hi, thanks for the suggestions. So yes, when I say simulate I actually
mean: ssh to the host and provide an empty password several times, so
the ssh login eventually fails.

I checked and double checked everything, rebooted this machine to
make sure all daemons start from fresh, NPF and blocklistd are running,
no errors in any log files.

Moved the ruleset to its own group and still the same behavior. I will
finish setting everything up and then come back to it and see if I can
trace it.

# npfctl show
# filtering:    active
# config:       loaded

procedure "log"

map axen0 dynamic any -> 192.168.1.1 pass family inet4 from 10.0.0.0/16 # id="1" 

group "blocklistd" default { # id="1" 
        ruleset "blocklistd" # id="2" 
}

group "external" on axen0 { # id="3" 
        pass stateful out final all # id="4" 
        pass in final family inet4 proto tcp to 192.168.1.1 port 53 # id="5" 
        pass in final family inet4 proto udp to 192.168.1.1 port 53 # id="6" 
        block in final all apply "log" # id="7" 
}

group "internal" on mue0 { # id="8" 
        pass final all # id="9" 
}

group default { # id="a" 
        pass final on lo0 all # id="b" 
        block final all apply "log" # id="c" 
}


