NAME
mcblockd — Server to automatically block hosts and networks with pf
SYNOPSIS
mcblockd [-c configuration_file] [-p pid_file] [-d]
DESCRIPTION
mcblockd is the server portion of a system for automatically
populating pf tables. It is normally run on a gateway between the public
Internet and an internal network, and used to manipulate pf tables applied in
rules on the external (public) network interface. Clients of mcblockd
include mcblocklog(1) and mcblockc(1).
The following command line options are available:

-c configuration_file
    Specify the configuration file. The default is
    /usr/local/etc/mcblockd.conf. See mcblockd.conf(5) for configuration
    file syntax.

-p pid_file
    Specify the process ID (pid) file. mcblockd will store its PID in this
    file at startup and remove the file on SIGTERM. The default is
    /var/run/mcblockd.pid.

-d
    Run in the foreground and emit syslog messages on stderr.
FILES
/usr/local/etc/mcblockd.conf
    mcblockd configuration file. See mcblockd.conf(5) for more information
    and /usr/local/etc/mcblockd.conf.sample for an example.

/usr/local/etc/mcblockd/id_rsa
    mcblockd private key file, created with dwmauth(1). This file should be
    owned by root with permissions 0600. It must contain the private part of
    a 2048-bit RSA key pair.

/usr/local/etc/mcblockd/id_rsa.pub
    mcblockd public key file, created with dwmauth(1). This file should be
    owned by root with permissions 0600. It must contain the public part of
    a 2048-bit RSA key pair.

/usr/local/etc/mcblockd/authorized_keys
    mcblockd authorized keys file. This file contains a list of public keys
    (one per line) that are permitted access to mcblockd.

/usr/local/etc/mcblockd/known_services
    mcblockd known services file. This file is used when authenticating
    dwmrdapd(8) and should contain dwmrdapd's public key.
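
The ownership and mode requirements above can be checked with a short shell function. This is an added example, not part of mcblockd or its distribution; the function name audit_mcblockd_keys and its two arguments are hypothetical, and the rule that authorized_keys and known_services must not be group- or world-writable is an assumption that this page does not state.

```shell
#!/bin/sh
# Added example (not part of mcblockd): audit the key files listed under FILES.

# audit_mcblockd_keys [dir] [owner]
# Prints one finding per line; returns 0 if clean, 1 otherwise.
audit_mcblockd_keys() {
    dir=${1:-/usr/local/etc/mcblockd}
    owner=${2:-root}   # overridable so the check can be tried unprivileged
    rc=0

    # From the man page: both key files are owned by root with mode 0600.
    for f in id_rsa id_rsa.pub; do
        p=$dir/$f
        if [ ! -f "$p" ]; then
            echo "MISSING  $p"; rc=1
        elif [ -z "$(find "$p" -prune -perm 600 -user "$owner" -print)" ]; then
            echo "BAD      $p: want $owner/0600, have: $(ls -ld "$p")"; rc=1
        fi
    done

    # Assumption, not stated on the man page: the trust lists must not be
    # writable by group or other, since they decide which peers are accepted.
    # A list that does not exist is skipped rather than reported.
    for f in authorized_keys known_services; do
        p=$dir/$f
        [ -f "$p" ] || continue
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "WRITABLE $p: $(ls -ld "$p")"; rc=1
        fi
    done
    return $rc
}
```

Called with no arguments it inspects /usr/local/etc/mcblockd and expects root ownership; a non-zero return status means at least one finding was printed.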
SEE ALSO
mcblockd.conf(5), mcblocklog(1), mcblockc(1), dwmauth(1), dwmrdapd(8),
dwmrdapd.conf(5)
COPYRIGHT
Copyright (c) 2017 Daniel W. McRobb
dwm@mcplex.net