On Jul 12, 11:26am, [email protected] (Reinoud Zandijk) wrote:
-- Subject: Re: blacklistd is now available for current (comments?)

| Hi Christos,
|
| Thanks for your blacklistd, it's so much more lightweight than the others I've
| seen in pkgsrc; really frees up my small NAS. I've installed the -current
| version as in tree. Thanks.
| There are a few oddities though, and maybe you could enlighten me on those.
|
| First of all your name is still in a custom rule in the default installed
| blacklistd.conf. I'd say just comment it out :)

I will comment it out... This was really an example file.

| More importantly, blacklistctl can only dump rules; it doesn't have commands
| for adding or removing rules manually. So when I had to manually allow a
| machine, my only option was to trunk the db file and restart blacklistd. I
| later learned that blacklistd also has a -f to do this, but it's a bit odd that
| there isn't say a `blacklistctl allow host port' that reverses a decision it
| made.

Yes, I have not had a chance to write more commands, and I am still
thinking about the security implications of allowing a command protocol
through the named pipe.

| `blacklistctl dump' without the '-a' doesn't show anything even when there are
| machines blacklisted with timeouts.

This is documented; by default it shows only the embryonic ones... Perhaps
it is not that useful.

christos
