Current-Users archive
Re: blacklistd is now available for current (comments?)
Thanks everyone for their feedback; there is a new blacklistd.tar.gz
in the same place (http://www.netbsd.org/~christos/blacklistd.tar.gz)
with the following new features:
- udp now works
- patches for named in addition to sshd
- efficiency fixes
- allow address selection and individual per blacklist rule npf
  rule names
- NetBSD rc system integration
- linux and macosx port (cd port; autoreconf -f -i; make)
  XXX: alas no iptables shell script (yet), and no packet filter
  in MacOS/X
  XXX: No packaging for linux and MacOS/X
- new TODO file
- multiple socket support to handle chrooted daemons (like syslogd)
Simple instructions:
- extract the tar, make includes && make && make install
- Apply the patches to sshd and named.
- Fix the named and sshd Makefiles, simply:
      SRCS+=pfilter.c
      LDADD+=-lblacklist
- Build and install
- Edit your npf.conf to add the blacklist dynamic ruleset, see the README
  file for that.
- Edit your /etc/rc.conf to add:
      blacklistd=YES
- Restart the daemons
      env - /etc/rc.d/blacklistd restart
      env - /etc/rc.d/named restart
      env - /etc/rc.d/sshd restart
- See activity:
      grep blacklistd /var/log/messages
- See blocked addresses
      npfctl rule blacklistd list
Enjoy,
christos