Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 09 Aug 2024 18:08:10 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 280516] blacklistd: Silence a bogus warning about the blacklistd anchor not being found
Message-ID:  <bug-280516-227-C2wRwtsgsw@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280516-227@https.bugs.freebsd.org/bugzilla/>
References:  <bug-280516-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280516

--- Comment #4 from Jose Luis Duran <jlduran@gmail.com> ---
(In reply to Mark Johnston from comment #3)

There are two issues:

1. The main issue: blacklistd-helper should discard stderr when invoking the
flush action (it already does for the add action). This has been submitted
upstream (https://github.com/zoulasc/blocklist/pull/11). The attached patch=
 has
the proposed fix (just sweep the warnings under the rug).

2. The warnings in pf:

2.1. Use the attached sample pf.conf: it contains a "blacklistd/*" anchor, =
any
anchor will do.

2.2. First test: After reloading the rules, issue:

    # pfctl -a blacklistd -sA
    Anchor 'blacklistd' not found.

The anchor exists, and it works as it should. Seeing this message in the dm=
esg
the first time threw me off a little, thinking blacklistd was not going to =
be
able to add blocking rules (this can be silenced by applying step 1).  I
*think* this is one bug in pfctl.

2.3. Issue pfctl, specifying the anchor with all modifiers, just focusing on
the warnings/errors:

    # pfctl -a blacklistd -sa 1> /dev/null
    pfctl: DIOCGETETHRULES: No such file or directory
    pfctl: DIOCGETRULES: Invalid argument
    pfctl: DIOCGETRULES: Invalid argument
    pfctl: DIOCGETRULES: Invalid argument

I would guess this is another bug in pfctl.

2.4. Optionally, use the attached pfctl.c diff, that allready has "XXX" mar=
ks
on the paths that trigger the warnings above.

Note that pf works fine, the warnings just don't seem right (to the untrain=
ed
eye).

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280516-227-C2wRwtsgsw>