Re: blocklistd configuration

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: blocklistd configuration
From: Sad Clouds <cryintothebluesky%gmail.com@localhost>
Date: Sun, 23 Nov 2025 14:43:01 +0000

On Fri, 21 Nov 2025 11:06:44 -0500
Greg Troxel <gdt%lexort.com@localhost> wrote:

> Overall I am guessing there is something messed up with your system,
> either blocklistd or sshd.

I think it's a NetBSD-10.X bug. Tracing blocklistd shows no syscall
activity with regard to ssh failure. So looks like no events are ever
sent to it.

Same config works as expected on NetBSD-9.4:

ultra10# uname -a
NetBSD ultra10 9.4_STABLE NetBSD 9.4_STABLE (GENERIC) #0:   mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/sparc64/compile/GENERIC sparc64

ultra10# cat /etc/blacklistd.conf 
# adr/mask:port type    proto   owner           name    nfail   disable
[local]
ssh             stream  *       *               *       10      12h
*               *       *       *               *       10      60s

# adr/mask:port type    proto   owner           name    nfail   disable
[remote]

ultra10# rm /var/db/blacklistd.db

ultra10# /etc/rc.d/blacklistd onestart
Starting blacklistd.

ultra10# /etc/rc.d/sshd restart
Stopping sshd.
Starting sshd.

... Simulate ssh login failure then wait 5 seconds

ultra10# blacklistctl dump -a
        address/ma:port id      nfail   last access
       10.0.0.2/32:22           1/10    2025/11/23 14:29:53

References:
- blocklistd configuration
  - From: Sad Clouds
- Re: blocklistd configuration
  - From: Greg Troxel
- Re: blocklistd configuration
  - From: Sad Clouds
- Re: blocklistd configuration
  - From: Greg Troxel

Prev by Date: Re: NPF is blocking some of the outgoing traffic
Previous by Thread: Re: blocklistd configuration
Next by Thread: Chromium i915drmkms0: notice: chrome[972] context reset due to GPU hang
Indexes:

Home | Main Index | Thread Index | Old Index