Make 502.pfdenied find blacklistd/* filter names dynamically
ClosedPublic
Actions

Authored by • lidl on Sep 29 2016, 8:52 PM.

Details

Reviewers

emaste
kp

Summary

This change is needed to make the 520.pfdenied script find the new blacklistd/* anchor
points for reporting blocked traffic.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 5451
Build 5661: CI src build	Jenkins

Event Timeline

• lidl updated this revision to Diff 20828.Sep 29 2016, 8:52 PM

• lidl retitled this revision from to Make 502.pfdenied find blacklistd/* filter names dynamically.

• lidl updated this object.

• lidl edited the test plan for this revision. (Show Details)

• lidl added a reviewer: emaste.

• lidl set the repository for this revision to rS FreeBSD src repository - subversion.

Herald added a subscriber: imp. · View Herald TranscriptSep 29 2016, 8:52 PM

• lidl added a reviewer: kp.Sep 29 2016, 9:30 PM

kp added inline comments.Oct 4 2016, 8:14 PM

etc/periodic/security/520.pfdenied
47	# echo $(pfctl -a "blacklistd" -sA) pfctl: DIOCGETRULESETS: No such file or directory So if there are no blacklistd anchors we end up with errors in the log, right?

• lidl marked an inline comment as done.Oct 4 2016, 8:39 PM

• lidl added inline comments.

etc/periodic/security/520.pfdenied
47	Good catch. I will upload a new diff momentarily.

Address review comment about error messages when the pf anchor isn't defined.

kp accepted this revision.Oct 4 2016, 9:06 PM

kp edited edge metadata.

This revision is now accepted and ready to land.Oct 4 2016, 9:06 PM

I forgot to put the Phabricator review URL in the commit message. Manually closing.

Revision Contents
Changeset List

Path

Size

etc/

periodic/

security/

520.pfdenied

3 lines

Diff 21045

View Options

etc/periodic/security/520.pfdenied

Make 502.pfdenied find blacklistd/* filter names dynamicallyClosedPublicActions