NetBSD Problem Report #55492

From  Wed Jul 15 09:40:43 2020
Return-Path: <>
Received: from ( [])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "", Issuer " CA" (not verified))
	by (Postfix) with ESMTPS id 350871A9213
	for <>; Wed, 15 Jul 2020 09:40:43 +0000 (UTC)
Message-Id: <>
Date: Wed, 15 Jul 2020 11:40:34 +0200 (CEST)
From: Hauke Fath <>
Reply-To: Hauke Fath <>
Cc: Hauke Fath <>
Subject: Cannot remove blocked entries with blacklistctl / blocklistctl 
X-Send-Pr-Version: 3.95

>Number:         55492
>Category:       bin
>Synopsis:       Cannot remove blocked entries with blacklistctl / blocklistctl
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Wed Jul 15 09:45:00 +0000 2020
>Originator:     Hauke Fath
>Release:        NetBSD 9.0_STABLE
Technische Universitaet Darmstadt

System: NetBSD Gstoder 9.0_STABLE NetBSD 9.0_STABLE (GA-MA770-UD3-$Revision$) #1: Tue May 5 13:46:33 CEST 2020 hf@Hochstuhl:/var/obj/netbsd-builds/9/amd64/sys/arch/amd64/compile/GA-MA770-UD3 amd64
Architecture: x86_64
Machine: amd64

	I am not aware of an easy way to manually remove / expire a
	blocking entry from the bl?cklist database. As of netbsd-9,
	the bl?cklistctl(8) man page does not mention the issue.

	Removing the dynamically created npf rule with

	npfctl rule blacklistd list
	npfctl rule blacklistd rem-id <id>

	(which bl?cklistctl(8) should probably document, too, given
	the sorry documentation state of npf(4)) will of course do
	nothing to bl?cklistd's database.


	Notice that a legitimate client has been bl?cklisted, try to
	remove the block, find you cannot (short of drastic measures
	like deleting the entire bl?cklist database).


	Please add the necessary functionality to blocklistctl, and
	its man page.

	Needs a pull-up to netbsd-{8,9}.


NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD:,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.