tf(buf, sizeof(buf), "%a", (void *)&c.c_ss= ); > + printf("%*.*s/%s:%s\t", wide, wide, buf, > + star(mbuf, sizeof(mbuf), c.c_lmask), > + star(pbuf, sizeof(pbuf), c.c_port)); > + if (c.c_duration =3D=3D -1) { > + strlcpy(buf, "never", sizeof(buf)); > + } else { > + if (remain) > + fmtydhms(buf, sizeof(buf), > + c.c_duration - (ts.tv_sec - dbi.last)= ); > + else > + fmttime(buf, sizeof(buf), dbi.last); > + } > + printf("%s\t%d/%s\t%-s\n", dbi.id, dbi.count, > + star(mbuf, sizeof(mbuf), c.c_nfail), buf); > + } > + state_close(db); > + return EXIT_SUCCESS; > +} > diff --git a/contrib/blocklist/bin/blacklistd.c b/contrib/blocklist/bin/b= lacklistd.c > new file mode 100644 > index 000000000000..ded3075ed707 > --- /dev/null > +++ b/contrib/blocklist/bin/blacklistd.c > @@ -0,0 +1,592 @@ > +/* $NetBSD: blocklistd.c,v 1.10 2025/03/26 17:09:35 christos Exp $ *= / > + > +/*- > + * Copyright (c) 2015 The NetBSD Foundation, Inc. > + * All rights reserved. > + * > + * This code is derived from software contributed to The NetBSD Foundati= on > + * by Christos Zoulas. > + * > + * Redistribution and use in source and binary forms, with or without > + * modification, are permitted provided that the following conditions > + * are met: > + * 1. Redistributions of source code must retain the above copyright > + * notice, this list of conditions and the following disclaimer. > + * 2. Redistributions in binary form must reproduce the above copyright > + * notice, this list of conditions and the following disclaimer in th= e > + * documentation and/or other materials provided with the distributio= n. > + * > + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBU= TORS > + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT L= IMITED > + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTI= CULAR > + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBU= TORS > + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, O= R > + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF > + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSIN= ESS > + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER = IN > + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWIS= E) > + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED O= F THE > + * POSSIBILITY OF SUCH DAMAGE. > + */ > +#ifdef HAVE_CONFIG_H > +#include "config.h" > +#endif > + > +#ifdef HAVE_SYS_CDEFS_H > +#include > +#endif > +__RCSID("$NetBSD: blocklistd.c,v 1.10 2025/03/26 17:09:35 christos Exp $= "); > + > +#include > +#include > +#include > + > +#ifdef HAVE_LIBUTIL_H > +#include > +#endif > +#ifdef HAVE_UTIL_H > +#include > +#endif > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include "old_bl.h" > +#include "old_internal.h" > +#include "conf.h" > +#include "run.h" > +#include "state.h" > +#include "support.h" > + > +static const char *configfile =3D _PATH_BLCONF; > +static DB *state; > +static const char *dbfile =3D _PATH_BLSTATE; > +static sig_atomic_t readconf; > +static sig_atomic_t done; > +static int vflag; > + > +static void > +sigusr1(int n __unused) > +{ > + debug++; > +} > + > +static void > +sigusr2(int n __unused) > +{ > + debug--; > +} > + > +static void > +sighup(int n __unused) > +{ > + readconf++; > +} > + > +static void > +sigdone(int n __unused) > +{ > + done++; > +} > + > +static __dead void > +usage(int c) > +{ > + if (c !=3D '?') > + warnx("Unknown option `%c'", (char)c); > + fprintf(stderr, "Usage: %s [-vdfr] [-c ] [-R ] = " > + "[-P ] [-C ] [-D ] " > + "[-s ] [-t ]\n", getprogname()); > + exit(EXIT_FAILURE); > +} > + > +static int > +getremoteaddress(bl_info_t *bi, struct sockaddr_storage *rss, socklen_t = *rsl) > +{ > + *rsl =3D sizeof(*rss); > + memset(rss, 0, *rsl); > + > + if (getpeername(bi->bi_fd, (void *)rss, rsl) !=3D -1) > + return 0; > + > + if (errno !=3D ENOTCONN) { > + (*lfun)(LOG_ERR, "getpeername failed (%m)"); > + return -1; > + } > + > + if (bi->bi_slen =3D=3D 0) { > + (*lfun)(LOG_ERR, "unconnected socket with no peer in mess= age"); > + return -1; > + } > + > + switch (bi->bi_ss.ss_family) { > + case AF_INET: > + *rsl =3D sizeof(struct sockaddr_in); > + break; > + case AF_INET6: > + *rsl =3D sizeof(struct sockaddr_in6); > + break; > + default: > + (*lfun)(LOG_ERR, "bad client passed socket family %u", > + (unsigned)bi->bi_ss.ss_family); > + return -1; > + } > + > + if (*rsl !=3D bi->bi_slen) { > + (*lfun)(LOG_ERR, "bad client passed socket length %u !=3D= %u", > + (unsigned)*rsl, (unsigned)bi->bi_slen); > + return -1; > + } > + > + memcpy(rss, &bi->bi_ss, *rsl); > + > +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN > + if (*rsl !=3D rss->ss_len) { > + (*lfun)(LOG_ERR, > + "bad client passed socket internal length %u !=3D %u"= , > + (unsigned)*rsl, (unsigned)rss->ss_len); > + return -1; > + } > +#endif > + return 0; > +} > + > +static void > +process(bl_t bl) > +{ > + struct sockaddr_storage rss; > + socklen_t rsl; > + char rbuf[BUFSIZ]; > + bl_info_t *bi; > + struct conf c; > + struct dbinfo dbi; > + struct timespec ts; > + > + memset(&dbi, 0, sizeof(dbi)); > + memset(&c, 0, sizeof(c)); > + if (clock_gettime(CLOCK_REALTIME, &ts) =3D=3D -1) { > + (*lfun)(LOG_ERR, "clock_gettime failed (%m)"); > + return; > + } > + > + if ((bi =3D bl_recv(bl)) =3D=3D NULL) { > + (*lfun)(LOG_ERR, "no message (%m)"); > + return; > + } > + > + if (getremoteaddress(bi, &rss, &rsl) =3D=3D -1) > + goto out; > + > + if (debug || bi->bi_msg[0]) { > + sockaddr_snprintf(rbuf, sizeof(rbuf), "%a:%p", (void *)&r= ss); > + (*lfun)(bi->bi_msg[0] ? LOG_INFO : LOG_DEBUG, > + "processing type=3D%d fd=3D%d remote=3D%s msg=3D%s ui= d=3D%lu gid=3D%lu", > + bi->bi_type, bi->bi_fd, rbuf, > + bi->bi_msg, (unsigned long)bi->bi_uid, > + (unsigned long)bi->bi_gid); > + } > + > + if (conf_find(bi->bi_fd, bi->bi_uid, &rss, &c) =3D=3D NULL) { > + (*lfun)(LOG_DEBUG, "no rule matched"); > + goto out; > + } > + > + > + if (state_get(state, &c, &dbi) =3D=3D -1) > + goto out; > + > + if (debug) { > + char b1[128], b2[128]; > + (*lfun)(LOG_DEBUG, "%s: initial db state for %s: count=3D= %d/%d " > + "last=3D%s now=3D%s", __func__, rbuf, dbi.count, c.c_= nfail, > + fmttime(b1, sizeof(b1), dbi.last), > + fmttime(b2, sizeof(b2), ts.tv_sec)); > + } > + > + switch (bi->bi_type) { > + case BL_ABUSE: > + /* > + * If the application has signaled abusive behavior, > + * set the number of fails to be one less than the > + * configured limit. Fallthrough to the normal BL_ADD > + * processing, which will increment the failure count > + * to the threshhold, and block the abusive address. > + */ > + if (c.c_nfail !=3D -1) > + dbi.count =3D c.c_nfail - 1; > + /*FALLTHROUGH*/ > + case BL_ADD: > + dbi.count++; > + dbi.last =3D ts.tv_sec; > + if (c.c_nfail !=3D -1 && dbi.count >=3D c.c_nfail) { > + /* > + * No point in re-adding the rule. > + * It might exist already due to latency in proce= ssing > + * and removing the rule is the wrong thing to do= as > + * it allows a window to attack again. > + */ > + if (dbi.id[0] =3D=3D '\0') { > + int res =3D run_change("add", &c, > + dbi.id, sizeof(dbi.id)); > + if (res =3D=3D -1) > + goto out; > + } > + sockaddr_snprintf(rbuf, sizeof(rbuf), "%a", > + (void *)&rss); > + (*lfun)(LOG_INFO, > + "blocked %s/%d:%d for %d seconds", > + rbuf, c.c_lmask, c.c_port, c.c_duration); > + } > + break; > + case BL_DELETE: > + if (dbi.last =3D=3D 0) > + goto out; > + dbi.count =3D 0; > + dbi.last =3D 0; > + break; > + case BL_BADUSER: > + /* ignore for now */ > + break; > + default: > + (*lfun)(LOG_ERR, "unknown message %d", bi->bi_type); > + } > + state_put(state, &c, &dbi); > + > +out: > + close(bi->bi_fd); > + > + if (debug) { > + char b1[128], b2[128]; > + (*lfun)(LOG_DEBUG, "%s: final db state for %s: count=3D%d= /%d " > + "last=3D%s now=3D%s", __func__, rbuf, dbi.count, c.c_= nfail, > + fmttime(b1, sizeof(b1), dbi.last), > + fmttime(b2, sizeof(b2), ts.tv_sec)); > + } > +} > + > +static void > +update_interfaces(void) > +{ > + struct ifaddrs *oifas, *nifas; > + > + if (getifaddrs(&nifas) =3D=3D -1) > + return; > + > + oifas =3D ifas; > + ifas =3D nifas; > + > + if (oifas) > + freeifaddrs(oifas); > +} > + > +static void > +update(void) > +{ > + struct timespec ts; > + struct conf c; > + struct dbinfo dbi; > + unsigned int f, n; > + char buf[128]; > + void *ss =3D &c.c_ss; > + > + if (clock_gettime(CLOCK_REALTIME, &ts) =3D=3D -1) { > + (*lfun)(LOG_ERR, "clock_gettime failed (%m)"); > + return; > + } > + > +again: > + for (n =3D 0, f =3D 1; state_iterate(state, &c, &dbi, f) =3D=3D 1= ; > + f =3D 0, n++) > + { > + time_t when =3D c.c_duration + dbi.last; > + if (debug > 1) { > + char b1[64], b2[64]; > + sockaddr_snprintf(buf, sizeof(buf), "%a:%p", ss); > + (*lfun)(LOG_DEBUG, "%s:[%u] %s count=3D%d duratio= n=3D%d " > + "last=3D%s " "now=3D%s", __func__, n, buf, db= i.count, > + c.c_duration, fmttime(b1, sizeof(b1), dbi.las= t), > + fmttime(b2, sizeof(b2), ts.tv_sec)); > + } > + if (c.c_duration =3D=3D -1 || when >=3D ts.tv_sec) > + continue; > + if (dbi.id[0]) { > + run_change("rem", &c, dbi.id, 0); > + sockaddr_snprintf(buf, sizeof(buf), "%a", ss); > + (*lfun)(LOG_INFO, "released %s/%d:%d after %d sec= onds", > + buf, c.c_lmask, c.c_port, c.c_duration); > + } > + state_del(state, &c); > + goto again; > + } > +} > + > +static void > +addfd(struct pollfd **pfdp, bl_t **blp, size_t *nfd, size_t *maxfd, > + const char *path) > +{ > + bl_t bl =3D bl_create(true, path, vflag ? vdlog : vsyslog_r); > + if (bl =3D=3D NULL || !bl_isconnected(bl)) > + exit(EXIT_FAILURE); > + if (*nfd >=3D *maxfd) { > + *maxfd +=3D 10; > + *blp =3D realloc(*blp, sizeof(**blp) * *maxfd); > + if (*blp =3D=3D NULL) > + err(EXIT_FAILURE, "malloc"); > + *pfdp =3D realloc(*pfdp, sizeof(**pfdp) * *maxfd); > + if (*pfdp =3D=3D NULL) > + err(EXIT_FAILURE, "malloc"); > + } > + > + (*pfdp)[*nfd].fd =3D bl_getfd(bl); > + (*pfdp)[*nfd].events =3D POLLIN; > + (*blp)[*nfd] =3D bl; > + *nfd +=3D 1; > +} > + > +static void > +uniqueadd(struct conf ***listp, size_t *nlist, size_t *mlist, struct con= f *c) > +{ > + struct conf **list =3D *listp; > + > + if (c->c_name[0] =3D=3D '\0') > + return; > + for (size_t i =3D 0; i < *nlist; i++) { > + if (strcmp(list[i]->c_name, c->c_name) =3D=3D 0) > + return; > + } > + if (*nlist =3D=3D *mlist) { > + *mlist +=3D 10; > + void *p =3D realloc(*listp, *mlist * sizeof(*list)); > + if (p =3D=3D NULL) > + err(EXIT_FAILURE, "Can't allocate for rule list")= ; > + list =3D *listp =3D p; > + } > + list[(*nlist)++] =3D c; > +} > + > +static void > +rules_flush(void) > +{ > + struct conf **list; > + size_t nlist, mlist; > + > + list =3D NULL; > + mlist =3D nlist =3D 0; > + for (size_t i =3D 0; i < rconf.cs_n; i++) > + uniqueadd(&list, &nlist, &mlist, &rconf.cs_c[i]); > + for (size_t i =3D 0; i < lconf.cs_n; i++) > + uniqueadd(&list, &nlist, &mlist, &lconf.cs_c[i]); > + > + for (size_t i =3D 0; i < nlist; i++) > + run_flush(list[i]); > + free(list); > +} > + > +static void > +rules_restore(void) > +{ > + DB *db; > + struct conf c; > + struct dbinfo dbi; > + unsigned int f; > + > + db =3D state_open(dbfile, O_RDONLY, 0); > + if (db =3D=3D NULL) { > + (*lfun)(LOG_ERR, "Can't open `%s' to restore state (%m)", > + dbfile); > + return; > + } > + for (f =3D 1; state_iterate(db, &c, &dbi, f) =3D=3D 1; f =3D 0) { > + if (dbi.id[0] =3D=3D '\0') > + continue; > + (void)run_change("add", &c, dbi.id, sizeof(dbi.id)); > + state_put(state, &c, &dbi); > + } > + state_close(db); > + state_sync(state); > +} > + > +int > +main(int argc, char *argv[]) > +{ > + int c, tout, flags, flush, restore, ret; > + const char *spath, **blsock; > + size_t nblsock, maxblsock; > + > + setprogname(argv[0]); > + > + spath =3D NULL; > + blsock =3D NULL; > + maxblsock =3D nblsock =3D 0; > + flush =3D 0; > + restore =3D 0; > + tout =3D 0; > + flags =3D O_RDWR|O_EXCL|O_CLOEXEC; > + while ((c =3D getopt(argc, argv, "C:c:D:dfP:rR:s:t:v")) !=3D -1) = { > + switch (c) { > + case 'C': > + controlprog =3D optarg; > + break; > + case 'c': > + configfile =3D optarg; > + break; > + case 'D': > + dbfile =3D optarg; > + break; > + case 'd': > + debug++; > + break; > + case 'f': > + flush++; > + break; > + case 'P': > + spath =3D optarg; > + break; > + case 'R': > + rulename =3D optarg; > + break; > + case 'r': > + restore++; > + break; > + case 's': > + if (nblsock >=3D maxblsock) { > + maxblsock +=3D 10; > + void *p =3D realloc(blsock, > + sizeof(*blsock) * maxblsock); > + if (p =3D=3D NULL) > + err(EXIT_FAILURE, > + "Can't allocate memory for %zu so= ckets", > + maxblsock); > + blsock =3D p; > + } > + blsock[nblsock++] =3D optarg; > + break; > + case 't': > + tout =3D atoi(optarg) * 1000; > + break; > + case 'v': > + vflag++; > + break; > + default: > + usage(c); > + } > + } > + > + argc -=3D optind; > + if (argc) > + usage('?'); > + > + signal(SIGHUP, sighup); > + signal(SIGINT, sigdone); > + signal(SIGQUIT, sigdone); > + signal(SIGTERM, sigdone); > + signal(SIGUSR1, sigusr1); > + signal(SIGUSR2, sigusr2); > + > + openlog(getprogname(), LOG_PID, LOG_DAEMON); > + > + if (debug) { > + lfun =3D dlog; > + if (tout =3D=3D 0) > + tout =3D 5000; > + } else { > + if (tout =3D=3D 0) > + tout =3D 15000; > + } > + > + update_interfaces(); > + conf_parse(configfile); > + if (flush) { > + rules_flush(); > + if (!restore) > + flags |=3D O_TRUNC; > + } > + > + struct pollfd *pfd =3D NULL; > + bl_t *bl =3D NULL; > + size_t nfd =3D 0; > + size_t maxfd =3D 0; > + > + for (size_t i =3D 0; i < nblsock; i++) > + addfd(&pfd, &bl, &nfd, &maxfd, blsock[i]); > + free(blsock); > + > + if (spath) { > + FILE *fp =3D fopen(spath, "r"); > + char *line; > + if (fp =3D=3D NULL) > + err(EXIT_FAILURE, "Can't open `%s'", spath); > + for (; (line =3D fparseln(fp, NULL, NULL, NULL, 0)) !=3D = NULL; > + free(line)) > + addfd(&pfd, &bl, &nfd, &maxfd, line); > + fclose(fp); > + } > + if (nfd =3D=3D 0) > + addfd(&pfd, &bl, &nfd, &maxfd, _PATH_BLSOCK); > + > + state =3D state_open(dbfile, flags, 0600); > + if (state =3D=3D NULL) > + state =3D state_open(dbfile, flags | O_CREAT, 0600); > + if (state =3D=3D NULL) > + return EXIT_FAILURE; > + > + if (restore) { > + if (!flush) > + rules_flush(); > + rules_restore(); > + } > + > + if (!debug) { > + if (daemon(0, 0) =3D=3D -1) > + err(EXIT_FAILURE, "daemon failed"); > + if (pidfile(NULL) =3D=3D -1) > + err(EXIT_FAILURE, "Can't create pidfile"); > + } > + > + for (size_t t =3D 0; !done; t++) { > + if (readconf) { > + readconf =3D 0; > + conf_parse(configfile); > + } > + ret =3D poll(pfd, (nfds_t)nfd, tout); > + if (debug) > + (*lfun)(LOG_DEBUG, "received %d from poll()", ret= ); > + switch (ret) { > + case -1: > + if (errno =3D=3D EINTR) > + continue; > + (*lfun)(LOG_ERR, "poll (%m)"); > + return EXIT_FAILURE; > + case 0: > + state_sync(state); > + break; > + default: > + for (size_t i =3D 0; i < nfd; i++) > + if (pfd[i].revents & POLLIN) > + process(bl[i]); > + } > + if (t % 100 =3D=3D 0) > + state_sync(state); > + if (t % 10000 =3D=3D 0) > + update_interfaces(); > + update(); > + } > + state_close(state); > + return 0; > +} > diff --git a/contrib/blocklist/bin/old_internal.c b/contrib/blocklist/bin= /old_internal.c > new file mode 100644 > index 000000000000..79093cc8b8ab > --- /dev/null > +++ b/contrib/blocklist/bin/old_internal.c > @@ -0,0 +1,50 @@ > +/* $NetBSD: internal.c,v 1.2 2025/02/11 17:48:30 christos Exp $ *= / > + > +/*- > + * Copyright (c) 2015 The NetBSD Foundation, Inc. > + * All rights reserved. > + * > + * This code is derived from software contributed to The NetBSD Foundati= on > + * by Christos Zoulas. > + * > + * Redistribution and use in source and binary forms, with or without > + * modification, are permitted provided that the following conditions > + * are met: > + * 1. Redistributions of source code must retain the above copyright > + * notice, this list of conditions and the following disclaimer. > + * 2. Redistributions in binary form must reproduce the above copyright > + * notice, this list of conditions and the following disclaimer in th= e > + * documentation and/or other materials provided with the distributio= n. > + * > + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBU= TORS > + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT L= IMITED > + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTI= CULAR > + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBU= TORS > + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, O= R > + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF > + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSIN= ESS > + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER = IN > + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWIS= E) > + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED O= F THE > + * POSSIBILITY OF SUCH DAMAGE. > + */ > +#ifdef HAVE_CONFIG_H > +#include "config.h" > +#endif > + > +#ifdef HAVE_SYS_CDEFS_H > +#include > +#endif > +__RCSID("$NetBSD: internal.c,v 1.2 2025/02/11 17:48:30 christos Exp $"); > + > +#include > +#include > +#include "conf.h" > +#include "old_internal.h" > + > +int debug; > +const char *rulename =3D "blacklistd"; > +const char *controlprog =3D _PATH_BLCONTROL; > +struct confset lconf, rconf; > +struct ifaddrs *ifas; > +void (*lfun)(int, const char *, ...) =3D syslog; > diff --git a/contrib/blocklist/bin/old_internal.h b/contrib/blocklist/bin= /old_internal.h > new file mode 100644 > index 000000000000..becee563e81d > --- /dev/null > +++ b/contrib/blocklist/bin/old_internal.h > @@ -0,0 +1,58 @@ > +/* $NetBSD: internal.h,v 1.1.1.1 2020/06/15 01:52:53 christos Exp $ = */ > + > +/*- > + * Copyright (c) 2015 The NetBSD Foundation, Inc. > + * All rights reserved. > + * > + * This code is derived from software contributed to The NetBSD Foundati= on > + * by Christos Zoulas. > + * > + * Redistribution and use in source and binary forms, with or without > + * modification, are permitted provided that the following conditions > + * are met: > + * 1. Redistributions of source code must retain the above copyright > + * notice, this list of conditions and the following disclaimer. > + * 2. Redistributions in binary form must reproduce the above copyright > + * notice, this list of conditions and the following disclaimer in th= e > + * documentation and/or other materials provided with the distributio= n. > + * > + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBU= TORS > + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT L= IMITED > + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTI= CULAR > + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBU= TORS > + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, O= R > + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF > + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSIN= ESS > + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER = IN > + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWIS= E) > + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED O= F THE > + * POSSIBILITY OF SUCH DAMAGE. > + */ > +#ifndef _OLD_INTERNAL_H > +#define _OLD_INTERNAL_H > + > +#ifndef _PATH_BLCONF > +#define _PATH_BLCONF "/etc/blacklistd.conf" > +#endif > +#ifndef _PATH_BLCONTROL > +#define _PATH_BLCONTROL "/usr/libexec/blacklistd-helper" > +#endif > +#ifndef _PATH_BLSTATE > +/* We want the new name, the old one would be incompatible after 24932b6= */ > +#define _PATH_BLSTATE "/var/db/blocklistd.db" > +#endif > + > +extern struct confset rconf, lconf; > +extern int debug; > +extern const char *rulename; > +extern const char *controlprog; > +extern struct ifaddrs *ifas; > + > +#if !defined(__syslog_attribute__) && !defined(__syslog__) > +#define __syslog__ __printf__ > +#endif > + > +extern void (*lfun)(int, const char *, ...) > + __attribute__((__format__(__syslog__, 2, 3))); > + > *** 2507 LINES SKIPPED *** --=20 Jose Luis Duran