On Sun, 07 Jan 2018 14:13:01 +0100 "Ronald Klop" <ronald-lists_at_klop.ws> said > On Sun, 17 Dec 2017 20:50:23 +0100, Chris H <bsd-lists_at_bsdforge.com> wrote: > > > I'm running on r326056, and periodic(8) doesn't seem to be working > > as expected; > > mail rejects: > > > > Checking for rejected mail hosts: > > usage: fetch [-146AadFlMmnPpqRrsUv] [-B bytes] [--bind-address=host] > > [--ca-cert=file] [--ca-path=dir] [--cert=file] [--crl=file] > > [-i file] [--key=file] [-N file] [--no-passive] [--no-proxy=list] > > [--no-sslv3] [--no-tlsv1] [--no-verify-hostname] > > [--no-verify-peer] > > [-o file] [--referer=URL] [-S bytes] [-T seconds] > > [--user-agent=agent-string] [-w seconds] URL ... > > fetch [-146AadFlMmnPpqRrsUv] [-B bytes] [--bind-address=host] > > [--ca-cert=file] [--ca-path=dir] [--cert=file] [--crl=file] > > [-i file] [--key=file] [-N file] [--no-passive] [--no-proxy=list] > > [--no-sslv3] [--no-tlsv1] [--no-verify-hostname] > > [--no-verify-peer] > > [-o file] [--referer=URL] [-S bytes] [-T seconds] > > [--user-agent=agent-string] [-w seconds] -h host -f file [-c dir] > > > > Also, 520.pfdenied doesn't produce any output. In fact, it doesn't appear > > to be run at all. > > > > Any thoughts, or advice on how to best proceed? > > > > Thanks! > > > > --Chris > > This looks the same as what I experienced. It will be fixed by upgrading > until at least this commit: > > http://www.secnetix.de/olli/FreeBSD/svnews/index.py?r=326343 It appears that you indicate anything past, or including r326343 resolves this I'll look into it. But FWIW I was able to get etc/periodic/security/520.pfdenied output working with the following diff(1): --- /etc/periodic/security/520.pfdenied.orig 2017-11-21 06:57:04.000000000 -0800 +++ /etc/periodic/security/520.pfdenied 2017-03-29 16:22:50.000000000 -0700 _at__at_ -24,7 +24,7 _at__at_ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: head/etc/periodic/security/520.pfdenied 306696 2016-10-04 23:12:35Z lidl $ +# $FreeBSD: head/etc/periodic/security/520.pfdenied 290405 2015-11-05 17:37:14Z lidl $ # # If there is a global system configuration file, suck it in. _at__at_ -44,13 +44,8 _at__at_ if check_yesno_period security_status_pfdenied_enable then TMP=`mktemp -t security` - for _a in "" $(pfctl -a "blacklistd" -sA 2>/dev/null) - do - pfctl -a ${_a} -sr -v -z 2>/dev/null | \ - nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP} - done - if [ -s ${TMP} ]; then - check_diff new_only pf ${TMP} "${host} pf denied packets:" + if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); print buf$0;} }' > ${TMP}; then + check_diff new_only pf ${TMP} "${host} pf denied packets:" fi rc=$? rm -f ${TMP} Thanks for taking the time to reply, Ronald! > > Ronald. > > --ChrisReceived on Sun Jan 07 2018 - 23:51:54 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:14 UTC