Martin Neitzel wrote:
> Hi Joel,
> 
>>      I have installed blacklistd on -10.0 and, although the daemon runs
>> fine, it doesn't block attacks. I have read several pages and I suppose I
>> have made a configuration mistake somewhere.
>>
>>      My configuration is very simple. I only have to block ssh. Thus, I have
>> written in /etc/blacklistd.conf:
> 
> Looks basically good to me, but two ideas to verify things:
> 
> (1) It's blAcklistd* in up to NetBSD-9, but blOcklistd* from 10 on.

        I have both blAcklistd and blOcklistd in -10. Is blacklistd now
unsupported? The man pages seem to be very similar.

> (2) Make sure that wm2 is your outward interface and not, say,
>     pppoe (over wm2).   You could also simply leave off the "wm2:" spec
>     in your config file.

        I'm sure that wm2 is my WAN interface.

>>      I suppose something is missing between ssh and blacklistd. And I don't
>> understand how 'ruleset "blacklistd"' works. man npf.conf doesn't help.
> 
> It's documented in blocklistd(8), see "-C" and:
> 
> FILES
>      /libexec/blocklistd-helper  Shell script invoked to interface with the
>                                  packet filter.

        I have checked /libexec/blacklistd-helper. But as blacklistctl dump
doesn't return anything, I suppose something is broken before the call to
/libexec/blacklistd-helper.

        Regards,

        JB
