From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE,MIME_QP_LONG_LINE
	autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 29715 invoked from network); 30 Jan 2023 05:01:32 -0000
Received: from 9front.inri.net (168.235.81.73)
  by inbox.vuxu.org with ESMTPUTF8; 30 Jan 2023 05:01:32 -0000
Received: from gaff.inri.net ([168.235.71.243]) by 9front; Sun Jan 29 23:59:34 -0500 2023
Received: from smtpclient.apple ([104.59.85.219]) by gaff; Sun Jan 29 23:59:34 -0500 2023
Content-Type: multipart/alternative; boundary=Apple-Mail-C4E398B4-85BD-4619-BCFC-CF03CFC76C45
Content-Transfer-Encoding: 7bit
From: Stanley Lieber <sl@stanleylieber.com>
Mime-Version: 1.0 (1.0)
Message-Id: <66272FA5-DDB8-4075-A8C1-ADC5C7BB1754@stanleylieber.com>
References: <870753E8408F0CA0264BF2A8C015D350@thinktankworkspaces.com>
In-Reply-To: <870753E8408F0CA0264BF2A8C015D350@thinktankworkspaces.com>
To: 9front@9front.org
Date: Sun, 29 Jan 2023 23:59:23 -0500
X-Mailer: iPhone Mail (20D47)
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: lossless anonymous JSON over SSL shader-based firewall 
Subject: Re: [9front] dns tools
Reply-To: 9front@9front.org
Precedence: bulk


--Apple-Mail-C4E398B4-85BD-4619-BCFC-CF03CFC76C45
Content-Type: text/plain;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

On Jan 29, 2023, at 11:14 PM, william@thinktankworkspaces.com wrote:
>=20
> =EF=BB=BFDo we have any firewall tools? I would like to block some connect=
ions.=20
>=20
> I know you can tweak routing by messing with /net/ipifc/clone
>=20
> Just wanted to know if we have any other ways to block conncetions?
>=20
>=20
>=20
> Quoth Stanley Lieber <sl@stanleylieber.com>:
>> check out iwhois (documented in the tel man page).
>>=20
>> also: lookman dns.
>>=20
>> the existing tools are fairly manual and rudimentary.
>>=20
>> sl

there=E2=80=99s no generic firewall, but upas has some filtering options. sm=
tpd(8) reads the file /mail/blocked for blocked addresses, and has the -k fl=
ag to block ip addresses manually. the validatesender script (called by upas=
) checks for a spamhaus file at /mail/lib/spamhaus. there are also ratfs(4) a=
nd scanmail(8), which provide more complex filtering mechanisms.

sl


         =20=

--Apple-Mail-C4E398B4-85BD-4619-BCFC-CF03CFC76C45
Content-Type: text/html;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D=
utf-8"></head><body dir=3D"auto"><div dir=3D"ltr"></div><div dir=3D"ltr">On J=
an 29, 2023, at 11:14 PM, william@thinktankworkspaces.com wrote:</div><div d=
ir=3D"ltr"><blockquote type=3D"cite"><br></blockquote></div><blockquote type=
=3D"cite"><div dir=3D"ltr">=EF=BB=BF<span>Do we have any firewall tools? I w=
ould like to block some connections. </span><br><span></span><br><span>I kno=
w you can tweak routing by messing with /net/ipifc/clone</span><br><span></s=
pan><br><span>Just wanted to know if we have any other ways to block conncet=
ions?</span><br><span></span><br><span></span><br><span></span><br><span>Quo=
th Stanley Lieber &lt;sl@stanleylieber.com&gt;:</span><br><blockquote type=3D=
"cite"><span>check out iwhois (documented in the tel man page).</span><br></=
blockquote><blockquote type=3D"cite"><span></span><br></blockquote><blockquo=
te type=3D"cite"><span>also: lookman dns.</span><br></blockquote><blockquote=
 type=3D"cite"><span></span><br></blockquote><blockquote type=3D"cite"><span=
>the existing tools are fairly manual and rudimentary.</span><br></blockquot=
e><blockquote type=3D"cite"><span></span><br></blockquote><blockquote type=3D=
"cite"><span>sl</span></blockquote><blockquote type=3D"cite"><span></span></=
blockquote></div></blockquote><br><div>there=E2=80=99s no generic firewall, b=
ut upas has some filtering options.&nbsp;<span style=3D"caret-color: rgb(0, 0=
, 0); color: rgb(0, 0, 0);">smtpd(8)&nbsp;</span><span style=3D"caret-color:=
 rgb(0, 0, 0); color: rgb(0, 0, 0);">reads the file /mail/blocked for blocke=
d addresses, and&nbsp;</span><span style=3D"caret-color: rgb(0, 0, 0); color=
: rgb(0, 0, 0);">has the -k flag to block ip addresses manually</span>. the v=
alidatesender script (called by upas) checks for a spamhaus file at /mail/li=
b/spamhaus. there are also ratfs(4) and scanmail(8), which provide more comp=
lex filtering mechanisms.</div><div></div><div><br></div><div>sl</div><div><=
br></div><div><pre style=3D"-webkit-text-size-adjust: auto; cursor: url(&quo=
t;http://9front.org/img/cursor.png&quot;), auto; flex-basis: 100%; font-fami=
ly: Courier, &quot;Lucida Console&quot;, &quot;Courier New&quot;, serif; car=
et-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">
          </pre></div></body></html>=

--Apple-Mail-C4E398B4-85BD-4619-BCFC-CF03CFC76C45--