On Fri, 3 Jun 2022, Emile `iMil' Heitor wrote:
As the rules in the ruleset are declared as "final", I presume the default
`pass all` is not reached, am I right?
So, no, I was wrong. Changing the order made the rules apply. I simply removed
the "external" group and inserted the ruleset before
I am trying to use npf along with blacklistd as an anti-bruteforce system.
Configuration-wide, everything seems to work together, yet blacklisted IPs,
while present in the "blacklistd" ruleset, don't seem to be blocked.
Here's my npf.conf file:
# npf.conf
$ext = vioif0
$ip4 = inet4(vioif0)