From df549a80425635d98419f7f742309d66d367e65f Mon Sep 17 00:00:00 2001 From: Jose Luis Duran Date: Mon, 27 Oct 2025 12:43:42 +0000 Subject: [PATCH] Vendor import of blocklist 2025-10-26 (ff13526) Upstream hash ff13526654d8cae3f90aacde2f64023ea1916c2d. Obtained from: https://github.com/zoulasc/blocklist --- bin/blocklistctl.8 | 8 ++++++-- bin/blocklistd.c | 8 ++++---- bin/state.c | 6 +++--- 3 files changed, 13 insertions(+), 9 deletions(-) diff --git a/bin/blocklistctl.8 b/bin/blocklistctl.8 index 7943c54159c..d241f284447 100644 --- a/bin/blocklistctl.8 +++ b/bin/blocklistctl.8 @@ -1,4 +1,4 @@ -.\" $NetBSD: blocklistctl.8,v 1.5 2025/10/25 16:56:27 christos Exp $ +.\" $NetBSD: blocklistctl.8,v 1.6 2025/10/26 13:49:22 christos Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -27,7 +27,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd January 27, 2025 +.Dd October 25, 2025 .Dt BLOCKLISTCTL 8 .Os .Sh NAME @@ -82,6 +82,10 @@ sub-command consists of a header (unless was given) and one line for each record in the database, where each line has the following columns: .Bl -tag -width indent +.It Ql rulename +The packet filter rule name associated with the database entry, +usually +.Dv blocklistd . .It Ql address/ma:port The remote address, mask, and local port number of the client connection associated with the database entry. diff --git a/bin/blocklistd.c b/bin/blocklistd.c index 20bd29c7683..7c39f00106f 100644 --- a/bin/blocklistd.c +++ b/bin/blocklistd.c @@ -1,4 +1,4 @@ -/* $NetBSD: blocklistd.c,v 1.11 2025/10/25 16:55:23 christos Exp $ */ +/* $NetBSD: blocklistd.c,v 1.12 2025/10/25 18:43:51 christos Exp $ */ /*- * Copyright (c) 2015 The NetBSD Foundation, Inc. @@ -35,7 +35,7 @@ #ifdef HAVE_SYS_CDEFS_H #include #endif -__RCSID("$NetBSD: blocklistd.c,v 1.11 2025/10/25 16:55:23 christos Exp $"); +__RCSID("$NetBSD: blocklistd.c,v 1.12 2025/10/25 18:43:51 christos Exp $"); #include #include @@ -329,8 +329,8 @@ update(void) (*lfun)(LOG_INFO, "released %s/%d:%d after %d seconds", buf, c.c_lmask, c.c_port, c.c_duration); } - state_del(state, &c); - goto again; + if (state_del(state, &c) == 0) + goto again; } } diff --git a/bin/state.c b/bin/state.c index 08e2622e223..bb93904f348 100644 --- a/bin/state.c +++ b/bin/state.c @@ -1,4 +1,4 @@ -/* $NetBSD: state.c,v 1.2 2025/02/11 17:48:30 christos Exp $ */ +/* $NetBSD: state.c,v 1.3 2025/10/25 18:43:51 christos Exp $ */ /*- * Copyright (c) 2015 The NetBSD Foundation, Inc. @@ -35,7 +35,7 @@ #ifdef HAVE_SYS_CDEFS_H #include #endif -__RCSID("$NetBSD: state.c,v 1.2 2025/02/11 17:48:30 christos Exp $"); +__RCSID("$NetBSD: state.c,v 1.3 2025/10/25 18:43:51 christos Exp $"); #include #include @@ -131,7 +131,7 @@ state_del(DB *db, const struct conf *c) (*lfun)(LOG_DEBUG, "%s: returns %d", __func__, rv); (*db->sync)(db, 0); } - return 0; + return rv; default: (*lfun)(LOG_ERR, "%s: failed (%m)", __func__); return -1;