NetBSD Problem Report #55492

From hf@spg.tu-darmstadt.de  Wed Jul 15 09:40:43 2020
Return-Path: <hf@spg.tu-darmstadt.de>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 350871A9213
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 15 Jul 2020 09:40:43 +0000 (UTC)
Message-Id: <202007150940.06F9eYR4028316@Gstoder.nt.e-technik.tu-darmstadt.de>
Date: Wed, 15 Jul 2020 11:40:34 +0200 (CEST)
From: Hauke Fath <hf@spg.tu-darmstadt.de>
Reply-To: Hauke Fath <hf@spg.tu-darmstadt.de>
To: gnats-bugs@NetBSD.org
Cc: Hauke Fath <hf@spg.tu-darmstadt.de>
Subject: Cannot remove blocked entries with blacklistctl / blocklistctl 
X-Send-Pr-Version: 3.95

>Number:         55492
>Category:       bin
>Synopsis:       Cannot remove blocked entries with blacklistctl / blocklistctl
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Wed Jul 15 09:45:00 +0000 2020
>Originator:     Hauke Fath
>Release:        NetBSD 9.0_STABLE
>Organization:
Technische Universitaet Darmstadt
>Environment:


System: NetBSD Gstoder 9.0_STABLE NetBSD 9.0_STABLE (GA-MA770-UD3-$Revision$) #1: Tue May 5 13:46:33 CEST 2020 hf@Hochstuhl:/var/obj/netbsd-builds/9/amd64/sys/arch/amd64/compile/GA-MA770-UD3 amd64
Architecture: x86_64
Machine: amd64
>Description:

	I am not aware of an easy way to manually remove / expire a
	blocking entry from the bl?cklist database. As of netbsd-9,
	the bl?cklistctl(8) man page does not mention the issue.

	Removing the dynamically created npf rule with

	npfctl rule blacklistd list
	npfctl rule blacklistd rem-id <id>

	(which bl?cklistctl(8) should probably document, too, given
	the sorry documentation state of npf(4)) will of course do
	nothing to bl?cklistd's database.


>How-To-Repeat:

	Notice that a legitimate client has been bl?cklisted, try to
	remove the block, find you cannot (short of drastic measures
	like deleting the entire bl?cklist database).


>Fix:

	Please add the necessary functionality to blocklistctl, and
	its man page.

	Needs a pull-up to netbsd-{8,9}.



>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.