I am playing around with blacklistd, pf and ssh. Besides that I had some trouble getting it to work because either the man-pages are not useful enough or I cannot read, I just cannot figure out how to remove an IP that blacklistd blocks.
For getting blacklistd working together with pf, I found by chance via googling that I have to use an anchor in pf:
Tbh I do not 100% understand anchors, but from what I've read something like
should show me some rule when something is blocked. But also -sa or pfctl -sa do not show me something useful, even though
shows me blocked IPs.
blacklistctl apparently doesn't help with removal, even so the ctl seems to be a program to control blacklistd. But apparently it only shows stuff…
So I tried to remove the banned IP with the following
(It also does not work with IPv4)
But the output is only "pfctl: Table does not exist."
I also cannot find any new tables which blacklist-helper seems to rely on. But the blocking works.
When I do not put in the port at the end I get a "invalid netmask '/'".
What am I doing wrong? How do I unban a IP if it is necessary?
P.s.: is there already a way to combine exim with blacklistd?
For getting blacklistd working together with pf, I found by chance via googling that I have to use an anchor in pf:
Code:
anchor "blacklistd/*" in on $ext_if
Code:
pfctl -a "blacklistd/*" -sr
Code:
blacklistctl -b
blacklistctl apparently doesn't help with removal, even so the ctl seems to be a program to control blacklistd. But apparently it only shows stuff…
So I tried to remove the banned IP with the following
Code:
/usr/libexec/blacklistd-helper rem ssh $banned-ipv6-address 128 22
But the output is only "pfctl: Table does not exist."
I also cannot find any new tables which blacklist-helper seems to rely on. But the blocking works.
When I do not put in the port at the end I get a "invalid netmask '/'".
What am I doing wrong? How do I unban a IP if it is necessary?
P.s.: is there already a way to combine exim with blacklistd?