On Thu, Jun 01, 2023 at 05:05:16PM +0100, Patrick Welche wrote:
>
> What puzzles me is:
>
> # blocklistctl dump -a | wc
> 53 218 2497
>
> BUT:
>
> # npfctl rule blocklistd list | wc
> 3 45 254
>
> Only 3 hosts apparently being blocked by npf vs 53.
blocklistctl dumps the policy database.
npf doesn't implement that policy, but only specfic
blocking rules. blocklistd adds npf rules when the
policy is violated (e.g. the 3rd login failure)
and removes rules when a timeout is reached.
Greetings,
--
Michael van Elst
Internet: mlel...@serpens.de
"A potential Snark may lurk in every tree."
