[Bug 224415] 460.status-mail-rejects and 520.pfdenied appear broken
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Nov 4 20:44:35 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224415
sigsys at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sigsys at gmail.com
--- Comment #2 from sigsys at gmail.com ---
I noticed the problem with 520.pfdenied not reporting denied packets anymore as
well. Seems like the problem appeared when support for blacklistd anchors was
added.
Here's a fix:
diff --git a/usr.sbin/periodic/etc/security/520.pfdenied
b/usr.sbin/periodic/etc/security/520.pfdenied
index e3021ce857c..69d9df78436 100755
--- a/usr.sbin/periodic/etc/security/520.pfdenied
+++ b/usr.sbin/periodic/etc/security/520.pfdenied
@@ -46,7 +46,7 @@ then
TMP=`mktemp -t security`
for _a in "" $(pfctl -a "blacklistd" -sA 2>/dev/null)
do
- pfctl -a ${_a} -sr -v -z 2>/dev/null | \
+ pfctl -a "${_a}" -sr -v -z 2>/dev/null | \
nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if
($5 > 0) print buf$0;} }' >> ${TMP}
done
if [ -s ${TMP} ]; then
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list