From 629d57262aca8ca6f675790866c3b75c23b0130f Mon Sep 17 00:00:00 2001
From: Solene Rapenne <solene@perso.pw>
Date: Sun, 28 Feb 2021 14:07:01 +0100
Subject: [PATCH] Enable blocking as root, ipv4 only

---
 main.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/main.c b/main.c
index 5d06433..733b651 100644
--- a/main.c
+++ b/main.c
@@ -12,10 +12,8 @@ int main(void){
         socklen_t slen = sizeof(sock);
         char host[1024] = "";
         char port[1044] = "";
-        char cmd[1000] = "";
         int status;
 
-	unveil("/usr/bin/doas", "rx");
 	unveil("/sbin/pfctl", "rx");
 	pledge("exec inet dns stdio", NULL);
 
@@ -31,13 +29,10 @@ int main(void){
 	}
 
 	syslog(LOG_DAEMON, "blocking %s", host);
-	snprintf(cmd, sizeof(cmd), "/sbin/pfctl -t blocked -T add %s", host);
-
-	syslog(LOG_DAEMON, "%s", cmd);
         switch(sock. sa_family)
         {
             case AF_INET:
-                    execlp(cmd, cmd, NULL);
+                    execlp("/sbin/pfctl", "pfctl", "-t", "blocked", "-T", "add", host, NULL);
                     break;
             // case AF_INET6:
             //         printf("%s %s\n", host, cmd);