On Tue, May 22, 2018 at 11:03:34AM +0100, Stephen Borrill wrote: > > While it worked okay I found that the number of firewall rules it > > produced crept up to be stupidly large over time. This plus the startup > > anoyance made me switch to blacklistd. I'm still using ipf as a firewall > > so I cooked my own custom script to integrate it with ipf (it defaults > > to npf) based on the scripts that FreeBSD provides. > > Nice, care to share your ipf-interfacing script (and/or make it commitable)?
If you mean blacklistd + ipf, doesn't it already "just work"? (Surprised to see "npf only" comment earlier in thread: /usr/src/external/bsd/blacklist/libexec/blacklistd-helper Cheers, Patrick