Step 1: syslog
There are many different syslog daemons. If you’re using one not listed here and have a working configuration, please get in touch!
Rationale
When the BNS sends an update the blocklist add-on processes all the IPs very quickly, and for each IP there will be an entry in the log file. It is therefore very important that you use a different log file from the standard catch-all (usually /var/log/messages) to avoid swamping it.
Let’s assume you’re going to use local3.
FreeBSD
xxxxxxxxxx
$ cd /usr/local/etc/syslog.d
$ cat local3.conf
local3.* /var/log/wpf2b-blocklist.log
$ cd /usr/local/etc/newsyslog.conf.d
$ cat local3.conf
# logfilename [owner:group] mode count size when flags
/var/log/wpf2b-blocklist.log 600 7 * @T00 J
$
Once you’ve got the config files as you want them, don’t forget to reload/restart the services:
xxxxxxxxxx
$ service syslogd reload
$ service newsyslog restart
$