Re: git: 79e374217d69 - main - blocklist: Fix rcorder(8)
- In reply to: Cy Schubert : "Re: git: 79e374217d69 - main - blocklist: Fix rcorder(8)"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 27 Oct 2025 16:19:16 UTC
On Mon, Oct 27, 2025 at 1:18 PM Cy Schubert <Cy.Schubert@cschubert.com> wrote: > > In message <CAPwQLce4Rrp_Vofg=MNyyFLXQPwuKgAShv3J9_hae9Rod4bQ7Q@mail.gmail.c > om> > , Jose Luis Duran writes: > > On Mon, Oct 27, 2025 at 12:58=E2=80=AFPM Cy Schubert <Cy.Schubert@cschubert= > > .com> wrote: > > > > > > In message <202510271547.59RFlnxW096622@gitrepo.freebsd.org>, Jose Luis > > > Duran w > > > rites: > > > > The branch main has been updated by jlduran: > > > > > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=3D79e374217d69a98161fc91a2= > > 86dacf1f > > > > 78090894 > > > > > > > > commit 79e374217d69a98161fc91a286dacf1f78090894 > > > > Author: Jose Luis Duran <jlduran@FreeBSD.org> > > > > AuthorDate: 2025-10-27 15:46:32 +0000 > > > > Commit: Jose Luis Duran <jlduran@FreeBSD.org> > > > > CommitDate: 2025-10-27 15:46:32 +0000 > > > > > > > > blocklist: Fix rcorder(8) > > > > > > > > The blocklist daemon depends on a packet filter in order to block. > > > > > > > > Add all supported packet filters to the REQUIRE line, not just pf, = > > to > > > > indicate rcorder(8) that it should start after the packet filter se= > > rvice > > > > has started. > > > > > > > > While here, change the mode of the rc file to include the executabl= > > e > > > > bit, just like the rest of the files in the rc.d source directory. > > > > > > > > Reviewed by: 0mp > > > > MFC after: 2 days > > > > Differential Revision: https://reviews.freebsd.org/D53364 > > > > --- > > > > libexec/rc/rc.d/blacklistd | 2 +- > > > > libexec/rc/rc.d/blocklistd | 2 +- > > > > 2 files changed, 2 insertions(+), 2 deletions(-) > > > > > > > > diff --git a/libexec/rc/rc.d/blacklistd b/libexec/rc/rc.d/blacklistd > > > > index 9157e258f43f..175e3e8c56b3 100755 > > > > --- a/libexec/rc/rc.d/blacklistd > > > > +++ b/libexec/rc/rc.d/blacklistd > > > > @@ -29,7 +29,7 @@ > > > > # > > > > > > > > # PROVIDE: blacklistd > > > > -# REQUIRE: netif pf > > > > +# REQUIRE: netif ipfilter ipfw pf > > > > > > This means all three, ipfilter AND ipfw AND pf, must be enabled and > > > started. What if one uses only one of the three? > > > > No, per rcorder(8) BUGS section: > > > > The REQUIRE keyword is misleading: > > It does not describe which daemons have to be running before a script > > will be started. > > It describes which scripts must be placed before it in the dependency order= > > ing. > > > > 0mp@ even suggests creating a FIREWALL(S) script to represent that an > > rc script should start after the firewall (any one or many) has > > started. I agree, but I cannot immediately submit a patch for it. > > I stand corrected. Thanks. No problem! It is indeed misleading. > > > > > > > > > > > . /etc/rc.subr > > > > > > > > diff --git a/libexec/rc/rc.d/blocklistd b/libexec/rc/rc.d/blocklistd > > > > old mode 100644 > > > > new mode 100755 > > > > index 24cbae77fd40..f979162ec3e0 > > > > --- a/libexec/rc/rc.d/blocklistd > > > > +++ b/libexec/rc/rc.d/blocklistd > > > > @@ -29,7 +29,7 @@ > > > > # > > > > > > > > # PROVIDE: blocklistd > > > > -# REQUIRE: netif pf > > > > +# REQUIRE: netif ipfilter ipfw pf > > > > > > Ditto. > > > > > > > > > > > . /etc/rc.subr > > > > > > > > > > > > > > > > > -- > > > Cheers, > > > Cy Schubert <Cy.Schubert@cschubert.com> > > > FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org > > > NTP: <cy@nwtime.org> Web: https://nwtime.org > > > > > > e**(i*pi)+1=3D0 > > > > > > > > > > > > --=20 > > Jose Luis Duran > > > > -- > Cheers, > Cy Schubert <Cy.Schubert@cschubert.com> > FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org > NTP: <cy@nwtime.org> Web: https://nwtime.org > > e**(i*pi)+1=0 > > -- Jose Luis Duran