diff options
| author | Kurt Lidl <lidl@FreeBSD.org> | 2017-02-22 21:50:37 +0000 |
|---|---|---|
| committer | Kurt Lidl <lidl@FreeBSD.org> | 2017-02-22 21:50:37 +0000 |
| commit | ea3431376ef0053a0a49fdac95afd42323d22a43 (patch) | |
| tree | 10b7f2490a2429ffe127b195ad15d150c25022e8 /contrib/blacklist | |
| parent | b8efe218154b680286fabba536828e822fc3265a (diff) | |
| download | src-test2-ea3431376ef0053a0a49fdac95afd42323d22a43.tar.gz src-test2-ea3431376ef0053a0a49fdac95afd42323d22a43.zip | |
Notes
Diffstat (limited to 'contrib/blacklist')
| -rw-r--r-- | contrib/blacklist/libexec/blacklistd-helper | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/contrib/blacklist/libexec/blacklistd-helper b/contrib/blacklist/libexec/blacklistd-helper index b5932f68f881..37f94a65b816 100644 --- a/contrib/blacklist/libexec/blacklistd-helper +++ b/contrib/blacklist/libexec/blacklistd-helper @@ -63,8 +63,11 @@ add) tname="port$6" /sbin/ipfw table $tname create type addr 2>/dev/null /sbin/ipfw -q table $tname add "$addr/$mask" - /sbin/ipfw -q add $rule drop $3 from "table("$tname")" to \ - any dst-port $6 && echo OK + # if rule number $rule does not already exist, create it + /sbin/ipfw show $rule >/dev/null 2>&1 || \ + /sbin/ipfw add $rule drop $3 from \ + table"("$tname")" to any dst-port $6 >/dev/null && \ + echo OK ;; npf) /sbin/npfctl rule "$2" add block in final $proto from \ |