Commit Graph

203 Commits

Author SHA1 Message Date
christos
659959f90a Typo fixes from FreeBSD via Ed Maste 2020-05-19 00:56:25 +00:00
snj
cc9246a967 The name of the action used with blacklistd's control script is rem,
not remove.  From Jose Luis Duran in PR bin/55195.
2020-05-06 14:59:51 +00:00
christos
a8dbdb5e18 PR/55193: Jose Luis Duran: Fix wrong location for the db file. 2020-04-21 13:57:12 +00:00
wiz
ac9a18e047 New sentence, new line. 2020-03-30 17:32:22 +00:00
christos
44326bb04d Clarify that we always need a valid socket 2020-03-30 15:47:15 +00:00
wiz
e16bf87030 Fix typos. 2020-03-30 08:45:09 +00:00
christos
d6d7dd9781 Explain how configuration matching is done. 2020-03-30 03:02:41 +00:00
christos
94703ef0ad Re-enable the routing perm check now that the kernel has been fixed to return
valid information.
2020-03-13 16:38:45 +00:00
christos
7351464dcb Disable routing perms check for now. 2020-03-12 19:47:32 +00:00
christos
86a9e77961 Handle fds that are pointing to routing sockets. If the fd has access to
make changes via the routing socket, grant full permission to make filter
changes.
2020-03-12 19:35:11 +00:00
roy
4f3ce5d8c9 Revert allowing fd == -1 at the request of Christos. 2020-03-12 11:31:23 +00:00
roy
3d4211e6a1 blacklist: Don't remove a ruleset if we have already added it
The noted argument is wrong - if it's already been deleted then the id we
have for it is invalid.
Because we don't track deletions to the ruleset, working it out is
problematic at best.

Instead, if we have already added the rule treat it as a non-op.

This is a valid use case because we might receive a burst of messages
in the downstream application for the same address and process them
one by one. It's not the job of the downstream application to track
blacklistd state.
2020-03-11 02:33:18 +00:00
roy
dbbcb133c0 blacklist: Allow blacklist_sa to work with an invalid fd
fd -1 is invalid, so don't query it for protocol, port or address.

fd is supposed to represent how the client is connected, but if we are
parsing route(4) messages or log files then there is no client connection
to interrogate.
2020-03-11 02:12:08 +00:00
roy
420d77836f Whitespace police. 2020-03-10 13:36:07 +00:00
tnn
6aff709faf silence sign-conversion warning from clang 2019-11-11 09:24:56 +00:00
wiz
66041a7b29 Add missing El. Use more markup. 2019-11-06 23:17:37 +00:00
christos
c7395fee77 Ordinarily, the continue clause of the for-loop would free 'line.' In this
case we instead return early, missing the free.  Add an explicit free to
avoid the leak. Found via coverity.

From Conrad Meyer @ FreeBSD r331230
2019-11-06 21:01:17 +00:00
christos
51d806a701 The original blacklist library supported two operations - a
notification of a failed auth attempt, and a notification of a
successful auth attempt.

Implements a third option - notification of abusive behavior, and
accepts, but does not act on a fourth type - "bad username". It is
envisioned that a system administrator will configure a small list
of "known bad usernames" that should be blocked immediately.

From Kurt Lidl @ FreeBSD
2019-11-06 20:50:01 +00:00
para
84640cec8a fix stupid typo... 2019-11-06 20:33:30 +00:00
christos
ba6f1286be Add signal documentation from Kurt Lidl @ FreeBSD
s/don't/do not/
2019-11-06 20:29:46 +00:00
para
e36a941a83 blacklistd.conf.5: pluralization fix
(as currently committed in FreeBSD)
2019-11-06 20:29:41 +00:00
christos
dd4590b9a0 We don't need to depend on pthreads. 2019-03-08 20:40:05 +00:00
christos
9b51e85d63 Instead of deleting the rules individually use flush to kill them all at
once for efficiency. Also when restoring, don't nuke the database
(Phil Rulon).
2019-02-27 02:20:18 +00:00
christos
b2d60dd6a2 fix ymdhms calculation 2018-09-18 22:12:19 +00:00
christos
268058c040 One more possible star. 2018-05-24 19:21:01 +00:00
christos
cf5e80d451 handle '*' entries in rules. 2018-05-24 19:19:37 +00:00
christos
9a9aea2376 refresh the diffs to the latest portable 2018-05-23 16:03:07 +00:00
christos
af5b018293 add a diff for smtpd 2018-02-01 03:32:31 +00:00
abhinav
045f238bdc Add comma between Nm entries 2017-10-22 10:31:57 +00:00
christos
8e469e5ba9 amend the patch to close. 2017-06-26 17:12:05 +00:00
wiz
bd0c36e3c1 Add missing argument to macro. 2017-06-07 13:50:57 +00:00
sevan
f5be6335dc Improve wording.
Bump date.

ok christos
2017-06-05 21:34:58 +00:00
christos
d72a6146c2 Explain a bit more how to examine the blacklist state. 2017-04-13 17:59:34 +00:00
christos
af3449069f fixes from FreeBSD via Kurt Lidl 2017-03-17 20:42:42 +00:00
christos
dae91fde36 more debugging from Kurt Lidl 2017-02-18 00:26:16 +00:00
wiz
22c6b27a2a Quote - to make it a minus. 2017-02-04 23:33:56 +00:00
abhinav
b39a8cc173 Correct the function names in the RETURN VALUES section
and use markup for errno.
2017-01-31 16:55:04 +00:00
abhinav
6ed704228b Fix a sentence. 2017-01-31 16:31:21 +00:00
abhinav
a030726459 Remove comma after the last Nm entry. 2017-01-31 16:23:18 +00:00
christos
7d1687165d PR/51801: Matthew Mondor: Support multiple -s options and -P and -s at the
same time.
2017-01-09 03:05:48 +00:00
jnemeth
6532ac6b7a Set path for includes_HEADERS. Change suggested by christos@. 2016-11-26 02:12:18 +00:00
christos
033d09113f no need for config.h; it should be auto-gened. 2016-11-13 22:38:22 +00:00
christos
989be9bb50 add include in the vpath. 2016-11-13 22:37:39 +00:00
jnemeth
26440e41e3 Correct misplaced break; from FreeBSD.
Approved By: christos
2016-11-02 03:15:07 +00:00
christos
2a60a2e549 account for socket name change. 2016-10-17 22:47:16 +00:00
christos
0c1628ad4e restore rules after the database is open, add error message to prevent
silent failure in the future. (Kurt Lidl)
2016-09-26 19:43:43 +00:00
dholland
cc620b0609 typo 2016-07-30 06:09:29 +00:00
christos
ec40c28b64 Use %s+strerror(errno) instead of %m (From Kurt Lidl) 2016-07-29 17:13:09 +00:00
christos
ab85c28026 improve on ipfilter rules by Cy Schubert 2016-06-09 20:02:52 +00:00
christos
9f35ea3fd2 Support ipfw and ipf from FreeBSD 2016-06-09 18:59:31 +00:00