From nobody Mon Feb  9 15:55:06 2026
X-Original-To: questions@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4f8q5m4gSfz6RdB6
	for <questions@mlmmj.nyi.freebsd.org>; Mon, 09 Feb 2026 15:55:08 +0000 (UTC)
	(envelope-from des@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R12" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4f8q5m451Wz3FGZ;
	Mon, 09 Feb 2026 15:55:08 +0000 (UTC)
	(envelope-from des@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1770652508;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=QjZrLMCnS9/hm66voMEN8kQcOdM2VkHVfBKCckfb+TU=;
	b=o9tzMx8NLI9DFBLbO37BezVxTjelnEHu9OAlAJpTHBUf2qS87ulk2NUgu1LBdxN817rtaU
	0eCTUvnFY6MwGOTyR2dSTN//MBGL7q6RPyNsTzQrACqMmCzFhOM0TIe70VwqiiJyfMK09E
	9Iv2g+oBNyIJ1NOi1THPEUbuQTyZOZB7nZm6tC+s7cNgorn5Dz9aOqBD/6GrLqep27Oreb
	VJOsHJoS+08rWi8NIBQphWO6rfsU5UYMZYvLAOg7rm7OuLIgkmFffOQwZ4+L0K0whiWxre
	LH42EbboabhEdgKQEwnw/SWhVTMDjvF5uJNWkc9EtN2vmYK8h2a4rc0IVkRIRA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1770652508; a=rsa-sha256; cv=none;
	b=ZC56JAMZu9SrfLxDOcMRKjdj4zAScs9L2lANK9KRQJBS+w8f7aK0hkhxyvw92iXgqK+dma
	wC4l7NWTJPItixhY972w3ZvVhntIx8gX0tm9YR1U56s2dn5JvSrBFvKPx0qZgDWlOCL/6v
	cnitovPRJ0EXz/FrMJ7NSA6TJaqdlhtDHveY9tbxU3dsSQDkMiT953HNT19yPXAoJbcwll
	wVtYbhatzghxp30xyhdJ+4gSpjfcaQ7hd2jTr+VPSheDQrIQ0bSm33uZGCsMB7VQeoeo19
	h2xslisyzGVQtFFQXBlF2g50g1V/JqxD2Ig5E24J3O3ziMnr86rd4C77WjxVWQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1770652508;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=QjZrLMCnS9/hm66voMEN8kQcOdM2VkHVfBKCckfb+TU=;
	b=BbIvwG24DeiL+dc24FU76X7/9dAJwMnUOxyL8+H+LfmMRC2e1qEGwbb6BehjGxMbpK12up
	f80ekddTanjnMCXnGlS2Oi+rBtNEImGUuOh2EYZUr+AafF/unDHuolyJSdS6KTv2cBrltI
	NKYBhOxSjV38s+KwN7Px+INwnW7oH4ZJ8SUMTIs9/2eWvzedTWiw1eLx6wxLAFGqR7nkIl
	KuO2j0Dyd123rkBRckX+yRO8odfpSE5OiEgoK+7yYR6t5SHOg6YUlWcAppRO8OR4s9vO3/
	FmrcsqfAMl01JPuwDLtORk7Sese0U4x+AVuB8xjHKev0lm92/38GqpgaAPRfAw==
Received: from ltc.des.dev (lfbn-nan-1-698-103.w86-236.abo.wanadoo.fr [86.236.35.103])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: des)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4f8q5m2jQlz1BtH;
	Mon, 09 Feb 2026 15:55:08 +0000 (UTC)
	(envelope-from des@freebsd.org)
Received: by ltc.des.dev (Postfix, from userid 1001)
	id 78AFE7549F; Mon, 09 Feb 2026 16:55:06 +0100 (CET)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@FreeBSD.org>
To: Doug Hardie <bc979@lafn.org>
Cc: questions@freebsd.org
Subject: Re: blacklistd vs blocklistd
In-Reply-To: <A06CF97C-2AE6-4CB2-A044-BB522B35C7A0@lafn.org> (Doug Hardie's
	message of "Sun, 8 Feb 2026 17:21:55 -0800")
References: <791ACFD5-4DDC-4454-A88B-077801822560@lafn.org>
	<86zf5i6btk.fsf@ltc.des.dev>
	<A06CF97C-2AE6-4CB2-A044-BB522B35C7A0@lafn.org>
User-Agent: Gnus/5.13 (Gnus v5.13)
Date: Mon, 09 Feb 2026 16:55:06 +0100
Message-ID: <86v7g56het.fsf@ltc.des.dev>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-questions
List-Help: <mailto:questions+help@freebsd.org>
List-Post: <mailto:questions@freebsd.org>
List-Subscribe: <mailto:questions+subscribe@freebsd.org>
List-Unsubscribe: <mailto:questions+unsubscribe@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
Sender: owner-freebsd-questions@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Doug Hardie <bc979@lafn.org> writes:
> I switched back to blocklistd, but the previous blacklistd entries
> show with blocklistctl, but pfctl only finds 5 entries whereas before
> there were over 800.  Also, I previously was seeing around 80 new
> blocking entries added every hour.  Now I am seeing 2 in the pf
> tables.

Switching from one to the other changes the name of the pf anchor.  Did
you update your pf.conf accordingly, and are you sure you're looking at
the correct anchor and table?  For instance, if running blocklistd, you
would use the following command to see blocked IPs:

    sudo pfctl -a blocklistd/22 -t port22 -Ts

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@FreeBSD.org