On Wed, Mar 31, 2021 at 11:49:41AM -0000, Michael van Elst wrote:
> If you can store the whitelist in a file, you can define a file-based
> npf table and reload the npf configuration or you can run npfctl
> to inject/remove a rule when the whitelist changes. The latter is
> more complicated since you need to remember the rule-id for removal.

I can store a whitelist in a file and when it changes I can trigger
(say) a reload of npf. (I might possibly do something like tail -f on a
file to trigger this. And a client side job will update the file.)

But the next question is, I need npf to not entertain requests from
blocklistd to block a whitelisted IP stored in a file.

Can someone suggest how to do this?

--
Mayuresh