The most common use case for blacklistd is to add excessive
SSH login attempts to the list of hosts to be blocked. The
user can define when that should happen and how long the IPs
should be listed there. The chapter describes the syntax and
how to set it up.
The examples use PF, but it is possible to use other firewalls
with blacklistd as well.
Reviewed by: kp
Event: EuroBSDcon 2019 Hackathon
Differential Revision: https://reviews.freebsd.org/D20568
- there default settings -> their default settings
- there be -> there must be
PR: 240667
Submitted by: pauamma@gundo.com
Event: EuroBSDcon 2019 Hackathon
and the BETA1 builds are in flight.
- Document __FreeBSD_version numbers 1201000 and 1201500.
- Add releng/12.1 to the list of branches in the releng page.
Approved by: re (implicit)
Sponsored by: Rubicon Communications, LLC (Netgate)
remove another superfluous word in the same
sentence while here. Put a sentence stop after
the command to split this long sentence into two.
PR: 240656
Submitted by: pauamma@gundo.com
Summary: This rule doesn't seem to make sense any more. Let's remove it.
Reviewers: #portmgr, adamw, mat
Reviewed By: #portmgr, adamw, mat
Differential Revision: https://reviews.freebsd.org/D21158
build.
- Comment the checksum file names.
- Bump _REVMINOR and _BRANCH.
- Rework the _BRANCH evaluation used to determine from where to
check out the share/man/man4 directory for manual pages to
use releng/X.Y for BETA, in addition to RC and RELEASE builds.
Sponsored by: Rubicon Communications, LLC (Netgate)
pages. These are not yet connected to the build.
Prune errata page entries from 12.0-RELEASE, and bump the copyright
years as appropriate.
Sponsored by: Rubicon Communications, LLC (Netgate)
Ntpd has evolved considerably in recent years and the handbook has fallen
out of date. Notable updates include...
- The sample ntp.conf file in the handbook was a bad example that, if used,
would expose the user to potential network attacks or exploits by
allowing full query and control access to ntpd. The sample config now
contains the restrict options that are considered current best practices
for a public-facing ntpd daemon. The config would actually work (and be
safe) even if a user just blindly cut and pastes it.
- The new(-ish) ntp.conf 'pool' keyword is featured prominently in the
sample, and the existence of the FreeBSD project-sponsored pool is
documented.
- Separate subsections now exist for ntp.conf and the rc.conf variables
that affect how ntpd runs. The existence and effect of the un-obvious
ntpd_oomprotect rc variable is mentioned.
- A new subsection describes running ntpd as the unpriveleged ntpd user. It
details how certain configurations can prevent the rc.d script from
automatically running ntpd unpriveleged, and describes how to manually
configure unpriveleged operation in those cases.
- It now mentions the fact that firewalls need to be configured to pass udp
packets on port 123 for ntpd to operate.
Approved by: allanjude
Differential Revision: https://reviews.freebsd.org/D21659
Mention the chpass command as a way to change the language.
Add an example with a short description on how to use chpass to change the
language for an existing user.
- use two spaces at sentence start
- space before content
- wrap long line
- start content on same line
- straggling <tag>
- put listing on same line
- add blank line after <tag> on previous line
- wrap long lines
- use tabs instead of spaces
- space after content (inserting a )
- capitalization
- use two spaces at sentence start
Event: vBSDcon 2019
