HomeFreeBSD

MFC r306695: Make blacklist-helper commands emit a message when successful

Description

MFC r306695: Make blacklist-helper commands emit a message when successful

The blacklistd daemon expects to see a message on stdout, instead
of just relying on the exit value from any invoked programs.

Change the pf filtering to create multiple filters, attached under
a the "blacklist/*" anchor point. This prevents the filtering for
each port's filtering rule from overwriting the previously installed
filtering rule. Check for an existing filtering rule for each port,
so the installation of a given filtering rule only happens once.
Reinstalling the same rule resets the counters for the pf rule, and
we don't want that.

Sponsored by: The FreeBSD Foundation

Details

Provenance
lidlAuthored on
Parents
rS307170: MFC 304331
Branches
Unknown
Tags
Unknown