Merge pull request 'fix_readme_path' (#4) from prx/iblock:fix_readme_path into main

Reviewed-on: #4

README.md

@@ -27,8 +27,8 @@ permit nopass _iblock cmd /sbin/pfctl
 Start inetd service with this in `/etc/inetd.conf`:
 
 ```
-666 stream tcp nowait _iblock /usr/local/bin/iblock iblock
+666 stream tcp nowait _iblock /usr/local/sbin/iblock iblock
-666 stream tcp6 nowait _iblock /usr/local/bin/iblock iblock
+666 stream tcp6 nowait _iblock /usr/local/sbin/iblock iblock
 ```
 
 You can change the PF table by adding it as a parameter like this:
@@ -36,8 +36,8 @@ You can change the PF table by adding it as a parameter like this:
 In this example, the parameter `blocklist` will add IPs to the `blocklist` PF table.
 
 ```
-666 stream tcp nowait _iblock /usr/local/bin/iblock iblock blocklist
+666 stream tcp nowait _iblock /usr/local/sbin/iblock iblock blocklist
-666 stream tcp6 nowait _iblock /usr/local/bin/iblock iblock blocklist
+666 stream tcp6 nowait _iblock /usr/local/sbin/iblock iblock blocklist
 ```
 
 Default is "iblocked" table.

main.c

@@ -44,22 +44,29 @@ int main(int argc, char *argv[]){
 		exit(1);
 	}
 
-	syslog(LOG_DAEMON, "blocking %s", ip);
 	switch (sock.ss_family) {
 	case AF_INET: /* FALLTHROUGH */
 	case AF_INET6:
 		id = fork();
 
-		// child process
+		if (id == -1) {
-		if (id == 0) {
+			syslog(LOG_DAEMON, "fork error");
-			execl("/usr/bin/doas", "doas", "/sbin/pfctl", "-t", table, "-T", "add", ip, NULL);
+			exit(1);
-		} else { // parent process
+		} else if (id == 0) {
+			// child process
+			syslog(LOG_DAEMON, "blocking %s", ip);
+			execl("/usr/bin/doas", "doas", "/sbin/pfctl",
+				"-t", table, "-T", "add", ip, NULL);
+
+		} else {
+			// parent process
 			wait(NULL);
+			syslog(LOG_DAEMON, "kill states for %s", ip);
+			execl("/usr/bin/doas", "doas", "/sbin/pfctl",
+				"-k", ip, NULL);
 		}
-		execl("/usr/bin/doas", "doas", "/sbin/pfctl", "-k", ip, NULL);
 		break;
 	default:
 		exit(2);
 	}
 }
-