View Full Version : General MoBlock thread
jre
August 13th, 2011, 07:53 PM
Thanks a lot for the gui, I can finally stop using tail now :)
hehe, you're welcome. But you can now also do a quick whitelisting (permanent or temporarily) by just right-clicking on the blocked IP or port (without "restart" as it was necessary in mobloquer). - so this really is an improvement over "tail".
Previous version of PGL automatically whitelisted ports 80 & 443 but upgrading didn't keep that setting. No big deal but someone might wonder why web pages don't work anymore :)
Thanks, you are absolutely right!
The just mentioned easy whitelisting is also the reason why there is no default port whitelisting any more. Having ports 80 and 443 whitelisted is a certain security risk, because a malicious host may listen on just these ports. I can't tell you though, whether this is paranoid. So either whitelist them again, or add (quite many) IPs to the whitelist, it is up to you.
Gavin77
August 13th, 2011, 07:55 PM
Thanks, I'd already whitelisted them using the right-click menu, very handy it is too :)
Gavin77
August 14th, 2011, 12:25 PM
Found a possible bug. If I right-click and select temporarily allow a port, it does nothing and continues to be blocked.
jre
August 14th, 2011, 02:31 PM
Please start "pgl-gui" from the console and watch its output, when you do this.
Which port did you want to whitelist? Does it happen for all ports? For all directions?
Which other ports were already whitelisted? Please post "sudo iptables -L -nv".
Background: on whitelisting pgl-gui first checks if the item is already whitelisted, probably there is a false positive.
Gavin77
August 14th, 2011, 02:53 PM
Please start "pgl-gui" from the console and watch its output, when you do this.
Which port did you want to whitelist? Does it happen for all ports? For all directions?
Which other ports were already whitelisted? Please post "sudo iptables -L -nv".
Background: on whitelisting pgl-gui first checks if the item is already whitelisted, probably there is a false positive.
pgl-gui
** Debug: gSudo: ""
** Debug: ""
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ""
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: list size: 0
** Debug: list size: 0
** Debug: true
** Debug: ******************EXECUTE COMMAND***************
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: "/usr/bin/gksudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: "/usr/bin/gksudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: ""
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ******************EXECUTE COMMAND***************
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: "/usr/bin/gksu"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: "/usr/bin/gksu"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: "OUT: 192.168.2.2:45186 94.125.182.255:6667 TCP || ATW Internet Kft. | 2011-07 Malware ....................."
** Debug: "OUT: 192.168.2.2:48529 95.141.29.22:6667 TCP || EuroTransit GmbH | 2011-07 Unspecified Threat .......... | Tor"
** Debug: "OUT: 192.168.2.2:41787 130.237.188.216:6667 TCP || 2011-07 Unspecified Threat .........."
** Debug: "OUT: 192.168.2.2:45756 194.109.20.90:6667 TCP || GTS NOVERA a.s. | servicing Tripos | State Research Library | I"
** Debug: "OUT: 192.168.2.2:45724 195.18.164.194:6667 TCP || Ventelo Norge AS | DATAMETRIX AS | Pineapple Publishing AS"
** Debug: "OUT: 192.168.2.2:49977 195.47.220.2:6667 TCP || Ten BERG IP Network"
** Debug: "OUT: 192.168.2.2:43779 208.83.20.130:6667 TCP || Desync Networksfake bittorrent trackers | LogicalSolutions.net"
** Debug: "OUT: 192.168.2.2:56768 64.18.128.86:6667 TCP || RackVibe LLC | proxy.xzibition.com | security.team.from.armed.us"
** Debug: "OUT: 192.168.2.2:44766 66.186.59.50:6667 TCP || Alchemy Communications, Inc | LIONSGATE FILMS | JuriSearch, LLC"
** Debug: "OUT: 192.168.2.2:39688 69.16.172.34:6667 TCP || Highwinds Network Group | Robbins Green, P.A. | Jarin Industri"
** Debug: "OUT: 192.168.2.2:33998 69.16.172.40:6667 TCP || Highwinds Network Group | Robbins Green, P.A. | Jarin Industri"
** Debug: "OUT: 192.168.2.2:34991 70.33.251.254:6667 TCP || InfoRelay Online Systems, Inc. | AODINC | Legal Discovery LLC"
** Debug: "OUT: 192.168.2.2:45198 94.125.182.255:6667 TCP || ATW Internet Kft. | 2011-07 Malware ....................."
** Debug: "OUT: 192.168.2.2:48541 95.141.29.22:6667 TCP || EuroTransit GmbH | 2011-07 Unspecified Threat .......... | Tor"
** Debug: "OUT: 192.168.2.2:38684 173.234.32.42:6667 TCP || Nobis Technology Group, LLC | Eisenberg, Christine | Wu, David"
** Debug: "OUT: 192.168.2.2:49987 195.47.220.2:6667 TCP || Ten BERG IP Network"
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: ("/usr/bin/kdesudo "iptables -L pgl_out -n | grep -x 'RETURN *tcp *-- *0.0.0.0/0 *0.0.0.0/0 *tcp dpt:6667 *' || iptables -I pgl_out -p tcp --dport 6667 -j RETURN"")
** Debug: start thread
** Debug: ******************EXECUTE COMMAND***************
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "iptables -L pgl_out -n | grep -x 'RETURN *tcp *-- *0.0.0.0/0 *0.0.0.0/0 *tcp dpt:6667 *' || iptables -I pgl_out -p tcp --dport 6667 -j RETURN"" () ...
** Debug: "Bad argument `|'
Try `iptables -h' or 'iptables --help' for more information."
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: "OUT: 192.168.2.2:45206 94.125.182.255:6667 TCP || ATW Internet Kft. | 2011-07 Malware ....................."
** Debug: "OUT: 192.168.2.2:48549 95.141.29.22:6667 TCP || EuroTransit GmbH | 2011-07 Unspecified Threat .......... | Tor"
** Debug: "OUT: 192.168.2.2:41807 130.237.188.216:6667 TCP || 2011-07 Unspecified Threat .........."
** Debug: "OUT: 192.168.2.2:45776 194.109.20.90:6667 TCP || GTS NOVERA a.s. | servicing Tripos | State Research Library | I"
** Debug: "OUT: 192.168.2.2:45744 195.18.164.194:6667 TCP || Ventelo Norge AS | DATAMETRIX AS | Pineapple Publishing AS"
** Debug: "OUT: 192.168.2.2:49997 195.47.220.2:6667 TCP || Ten BERG IP Network"
sudo iptables -L -nv
Chain INPUT (policy ACCEPT 66 packets, 16567 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_in all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_fwd all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain OUTPUT (policy ACCEPT 74 packets, 13589 bytes)
pkts bytes target prot opt in out source destination
59 3573 pgl_out all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain pgl_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_in (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 0.0.0.0/0
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 source IP range 224.0.0.251-224.0.0.251
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 source IP range 239.255.255.250-239.255.255.250
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 source IP range 224.0.0.22-224.0.0.22
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_out (1 references)
pkts bytes target prot opt in out source destination
9 573 RETURN all -- * * 0.0.0.0/0 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
22 1320 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa reject-with icmp-port-unreachable
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 destination IP range 224.0.0.251-224.0.0.251
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 destination IP range 239.255.255.250-239.255.255.250
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 destination IP range 224.0.0.22-224.0.0.22
3 180 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
25 1500 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
The only ports I have whitelisted are 80 & 443. I was trying to temp allow 6667 so I can connect to IRC.
dino99
August 15th, 2011, 03:23 AM
Same issues here on Oneiric i386 (natty repo)
- before latest upgraded packages, all was working smoothly, now allowing the latest blocked url dont work (everything is shown as malware !!!)
- whitelisting dont work: both right-click and adding url
For example: i've tried to whitelist https://launchpadlibrarian.net
it fails both as url or port: says "invalid"
jre
August 15th, 2011, 01:07 PM
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "iptables -L pgl_out -n | grep -x 'RETURN *tcp *-- *0.0.0.0/0 *0.0.0.0/0 *tcp dpt:6667 *' || iptables -I pgl_out -p tcp --dport 6667 -j RETURN"" () ...
** Debug: "Bad argument `|'
Try `iptables -h' or 'iptables --help' for more information."
That's the rpoblem. Here exactly the same thing works. Pleasse check on your terminal:
sudo iptables -L pgl_out -n | grep -x 'RETURN *tcp *-- *0.0.0.0/0 *0.0.0.0/0 *tcp dpt:6667 *' || sudo iptables -I pgl_out -p tcp --dport 6667 -j RETURN
echo $? I guess this works.
What's your
ls -l /bin/sh
Does it work if you change /usr/bin/pglcmd first line to #!/bin/bash
EDIT: That is probably useless, Try to change the /bin/sh link to bash (and revert it later to your current setting, so remember that. If unsure ask some Ubuntu guru.):
sudo rm /bin/sh
sudo ln -s /bin/bash /bin/sh
Which system are you on?
Same issues here on Oneiric i386 (natty repo)
- before latest upgraded packages, all was working smoothly, now allowing the latest blocked url dont work (everything is shown as malware !!!)
- whitelisting dont work: both right-click and adding url
For example: i've tried to whitelist https://launchpadlibrarian.net
it fails both as url or port: says "invalid"
Whitelisting URLs never worked! Did it? You have to use IPs instead. You may only use "service names" instead of port numbers.
I don't understand the "malware" - where is it shown?
Gavin77
August 15th, 2011, 01:42 PM
sudo iptables -L pgl_out -n | grep -x 'RETURN *tcp *-- *0.0.0.0/0 *0.0.0.0/0 *tcp dpt:6667 *' || sudo iptables -I pgl_out -p tcp --dport 6667 -j RETURN
gavin@kubuntu:~$ echo $?
0
ls -l /bin/sh
lrwxrwxrwx 1 root root 4 2011-08-06 00:55 /bin/sh -> dash
I'm on Kubuntu Natty.
DOS286
August 16th, 2011, 01:12 AM
I have several questions about the update.
1. I have been using peerguardian as a kiddie control service. It starts at system boot, blocks all internet activity except what I white list and the kids cannot change any settings with their login. I can deactivate from their account with a quick "su me" and "sudo pglcmd stop" and then turn it back on when I'm done. It worked a champ. Can I still have a similar set-up with the new version?
2. After the default install, will I need to change my settings to get it back how it was (ie., as a kiddie control system)?
I have forgotten a lot of what I did to get it setup the way I want. I want to update to the new suppa-fly gui, but don't want a week of 24-7 fiddling to get it to work the way I want. Any advice you can give would be great.
3. I noticed that in options -> settings, it lists kdesudo for the Sudo front-end. If I'm running gnome desktop, should I change this to gksudo? or keep it the same?
Thanks for the excellent program! It has worked a champ exactly as I want it to.:KS
jre
August 16th, 2011, 04:41 PM
@DOS286:
ad 1.) The way it works is generally unchanged, so yes.The GUI requires administrative rights to change settings, like pglcmd before.
ad 2.) Basically you just need to repeat your configuration steps. Relevant changes for you might be:
removed default whitelisting of ports 80 (http) and 443 (https)
place local blocklists in LOCAL_BLOCKLIST_DIR (/etc/pgl/blocklists.local) instead of MASTER_BLOCKLIST_DIR
removed debconf configuration (pgl-gui is better for this)
We got some issues reported for pgl-gui. Not major drawbacks, but generally you may wait a few days/weeks before updating. We have no official beta testers, only those which update the first day, and those who wait.
Just reuse the content of /etc/pglcmd to have a working identical pgl installation.
ad 3.) Both work, but with both ...sudo I have to retype my password everytime I need it (it doesn't remember it for e.g. 20 minutes). Therefore I use under Gnome gksu, which asks for root's password and allows to save it.
Jerriy
August 17th, 2011, 01:45 AM
Hi jre just for FMI (as opposed to FYI): do you happen to know which block list in moblock blocks Multicast addresses? Those kind of SSDP/DAAP/etc stuff that are instigaged by daemons like avahi (in my case usually triggered by media player programs that are roaming to find new local devices for supposedly "sharing" media files and stuff).
What should happen to that stuff? Should I allow or forbid media players from roaming or should I let moblocker bounce their requests (and thereby keep getting IPs like 224.0.0.251 and 239.255.255.250 appear on Moblocqer log every three or so minutes (I have the moblock supplied "bluetack/iana-multicast" disabled but they still appear on the "last blocks" log display because obviously there must be blocklists other than "iana-multicast" that are blocking Multicast IP addresses).
jre
August 18th, 2011, 12:59 PM
@Gavin77: you're still on the TODO!
@Jerriy: Probably some bogon list.
Try "blockcontrol search SEARCHTERM"
Where searchterm is the description of the blocked range from pgld.log
If you are ready to not use that lists, you will be absolutely fine with just allowing it. These ranges are just in the lists to prevent IP fakers from connecting to you. I'd just allow the ranges. Changing media players behaviour is ok of course, if you are fine with it.
Captain Easypants
August 19th, 2011, 06:09 AM
Sorry for the probably already answered question but...
just downloaded peer guardian 2.1.1 and I have no idea how to install it. Can anyone please help? I am running the latest ubuntu (11.04 natty narwal)
Gavin77
August 19th, 2011, 09:00 AM
Sorry for the probably already answered question but...
just downloaded peer guardian 2.1.1 and I have no idea how to install it. Can anyone please help? I am running the latest ubuntu (11.04 natty narwal)
https://launchpad.net/~jre-phoenix/+archive/ppa
Go to the above url and full instructions are under "Adding this PPA to your system".
Captain Easypants
August 19th, 2011, 05:33 PM
Well that was fairly simple in the end. thank you very much Gavin :)
now I just gotta figure out which blocklists are good and which are paranoia....
Also if anyone knows is there a quick option for allowing http traffic like there is on the windows version?
dino99
August 20th, 2011, 04:11 AM
Problem:
on Oneiric i386 (natty ppa) whitelist (pgl-gui) only works if "permanently" is chosen, i mean be able to unblock an url. If "temporarily" is chosen, moblock seems to do it job but the url is not unblocked, so its a fake allowing.
Request:
it should be usefull to add the url name for the allowed url (ie google.com) because xxx.xxx.xxx.xxx dont speak much some days/weeks later.
Could the pgl-gui box be more resizable (smaller) ?
jre
August 22nd, 2011, 02:55 PM
The temp-allow bug is fixed in the git repository (just wait for the upcoming 2.1.2 release).
Since it only occurs if you use kdesudo (the default) as graphical sudo frontend, you can use gksu instead as workaround for now. Note that gksu prompts for the root password, whil kdesudo prompts for the user password.
Request:
it should be usefull to add the url name for the allowed url (ie google.com) because xxx.xxx.xxx.xxx dont speak much some days/weeks later.I doubt that there is any technical solution to allow this. You'd need to do a DNS lookup for every IP. Do you know any app where this is implemented satisfyingly?
But you can still use the IP_REMOVE feature in pglcmd.conf, to remove lines containing the specified keywords.
Could the pgl-gui box be more resizable (smaller) ?Fixed in git.
jre
August 23rd, 2011, 04:37 PM
And here we are again: pgl 2.1.2
Most important it fixes the cannot-whitelist-temporarily-while-using-kdesudo bug.
The complete ChangeLog:
pgl 2.1.2
[jre]
* pgld/Makefile: moved LDFLAGS to end of rule. This should solve some
issues with newer gcc versions
* pgl-gui: swapped the restart and reload icons
* documentation updates
[freemind]
pgl-gui:
* fixed blank blocklist items, if blocklist is not from iblocklist.com
* fixed temporary allowing with right-click in the log window
kdesudo only accepts one command as argument, so execute all commands
through the tmp script.
* allow to specify the maximum log size (default 512 lines)
* reduced window's minimum width and height.
* removed unused mobloquer code
* minor fixes
If there are any issues left, that were mentioned in this thread, please remind me of them.
Gavin77
September 1st, 2011, 04:50 PM
I'm unable to install on 11.10 (Oneiric) as the files don't seem to be there due to a failed build.
https://launchpad.net/~jre-phoenix/+archive/ppa/+build/2739873
jre
September 2nd, 2011, 07:11 PM
Yes, I need to fix that. Anybody who knows what changed in oneiric?
Until then I think you can use the natty repository instead,
jre
September 5th, 2011, 05:27 PM
The oneiric build problems are solved. Just add my regular oneiric ppa to get pgl.
Gavin77
September 5th, 2011, 07:43 PM
Thanks for the updates.
Gavin77
September 18th, 2011, 08:06 AM
I just updated to pgl 2.1.3-1~oneiric and upon starting the gui I get an error message popping up several times.
jre
September 18th, 2011, 08:13 AM
Error code 6 means pglcmd is not configured correctly. So please check /var/log/pglcmd.log.
I assume you were running 2.1.2 successfully on oneiric. Did you change anything recently?
Gavin77
September 18th, 2011, 08:44 AM
It's not error code 6, there were 6 instances of the error message popping up :)
I haven't changed anything recently and the log files don't have anything relevent.
Gavin77
September 18th, 2011, 08:45 AM
Running from terminal gives:
gavin@kubuntu:~$ pgl-gui
** Debug: Graphical Sudo: ""
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: Graphical Sudo: ""
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: Connection to DBus was successful.
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: ""
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
jre
September 18th, 2011, 08:46 AM
Ah, ok sorry.
Then please start pgl-gui from a terminal and check the output there. Beneath the error messages - does it work?
Gavin77
September 18th, 2011, 08:51 AM
I dismissed the error boxes and clicked the button to reload and it disabled itself. Clicking on start gives an error message saying starting pgl.. fail.
sudo pglcmd restart from the terminal works properly.
Gavin77
September 18th, 2011, 08:52 AM
Added info, 2.1.2 on oneiric didn't work either, I had to use the natty version.
jre
September 18th, 2011, 09:00 AM
Ok, same time posting ;-)
Is "/usr/bin/which" installed at your system?
I assume you have an empty value in "Options - Setting - Sudo frontend". Was this intended or did it happen on its own? Since when do you have this setting? Setting a valid one (e.g. /usr/bin/kdesudo or /usr/bin/gksu) in there will probably remove the error messages.
I can reproduce the popup error messages here now, but even with an empty "sudo frontend" setting my system figures out to get it automatically (so e.g. clicking "start" works then):pgl-gui
** Debug: Graphical Sudo: ""
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: Graphical Sudo: ""
** Debug: virtual void ProcessT::run() Executing command "which kdesudo" () ...
** Debug: "/usr/bin/kdesudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: Connection to DBus was successful.
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: "/usr/bin/gksudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which gksudo" () ...
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: "/usr/bin/gksudo"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: "/usr/bin/gksu"
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which kdesu" () ...
** Debug: ""
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: virtual void ProcessT::run() Executing command "which gksu" () ...
** Debug: "/usr/bin/gksu"
** Debug: virtual void ProcessT::run() Command execution finished.
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd start"")
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd start"" () ...
** Debug: "INFO: Started."
** Debug: "Starting PeerGuardian Linux: pgld."
** Debug: virtual void ProcessT::run() Command execution finished.
** Debug: "INFO: ASCII: 210299 entries loaded from "/var/lib/pgl/master_blocklist.p2p""
** Debug: "INFO: Blocking 210299 IP ranges (2706263774 IPs)."
** Debug: "INFO: NFQUEUE: binding to queue 92"
** Debug: "INFO: ACCEPT mark: 20"
** Debug: "INFO: REJECT mark: 10"
Do you use Gnome or KDE? Or are there any other specific things to your system?
Gavin77
September 18th, 2011, 09:05 AM
Is "/usr/bin/which" installed at your system?
Yes, it is.
I assume you have an empty value in "Options - Setting - Sudo frontend". Was this intended or did it happen on its own? Since when do you have this setting? Setting a valid one (e.g. /usr/bin/kdesudo or /usr/bin/gksu) in there will probably remove the error messages.
That option is set to /usr/bin/kdesudo
Do you use Gnome or KDE? Or are there any other specific things to your system?
I use KDE, I'm not using any weird settings or anything, just default.
jre
September 18th, 2011, 09:14 AM
Does /usr/bin/kdesudo exist?
What happens if you start it with "sudo pgl-gui"?
Did you ever try the oneiric specific version 2.1.2.1-1~oneiric of 2011-09-04?
What was the problem with the oneiric version?
So 2.1.2-1~natty did work? What about 2.1.3-1~natty
Gavin77
September 18th, 2011, 09:15 AM
Can you reproduce this or is it only me?
In pgl-gui click on reload, it then disables.
Click start - error message saying failed.
Goto terminal - sudo pglcmd start - another fail message
sudo pglcmd restart - it then restarts
Gavin77
September 18th, 2011, 09:21 AM
Does /usr/bin/kdesudo exist?
Yes, it is there.
What happens if you start it with "sudo pgl-gui"?
Exactly the same problems.
Did you ever try the oneiric specific version 2.1.2.1-1~oneiric of 2011-09-04?
Yes, that didn't work for me.
What was the problem with the oneiric version?
Same problems with the gui (sorry for not reporting them then).
So 2.1.2-1~natty did work? What about 2.1.3-1~natty
Yes, the natty version worked perfectly.
I just removed 2.1.3 oneiric and installed the natty version and it works fine so it's definitely a problem with the oneiric one.
jre
September 18th, 2011, 09:29 AM
Clueless ... I thought I had solved the oneiric issues, once I got it building. So no, I can't reproduce this.
Since 2.1.3 Oneiric has the exact same source as all other packages, it is just built under a oneiric environment.
Is there any other oneiric user out there? Please report whether it works for you!
You may try to get more information with a backtrace. Start it with "gdb pgl-gui" and then type "run".
Gavin77
September 18th, 2011, 09:34 AM
gavin@kubuntu:~$ gdb pgl-gui
GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /usr/bin/pgl-gui...(no debugging symbols found)...done.
(gdb) run
Starting program: /usr/bin/pgl-gui
[Thread debugging using libthread_db enabled]
** Debug: Graphical Sudo: "/usr/bin/kdesudo"
[New Thread 0x7fffe8dba700 (LWP 16769)]
** Debug: Graphical Sudo: "/usr/bin/kdesudo"
** Debug: Connection to DBus was successful.
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd reload"")
[New Thread 0x7fffe1ff8700 (LWP 16775)]
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd reload"" () ...
** Debug: "* Reloading PeerGuardian Linux pgld
...done."
** Debug: virtual void ProcessT::run() Command execution finished.
[Thread 0x7fffe1ff8700 (LWP 16775) exited]
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd start"")
[New Thread 0x7fffe1ff8700 (LWP 16808)]
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd start"" () ...
** Debug: "* Starting PeerGuardian Linux pgld
...fail!"
** Debug: virtual void ProcessT::run() Command execution finished.
[Thread 0x7fffe1ff8700 (LWP 16808) exited]
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd restart"")
[New Thread 0x7fffe1ff8700 (LWP 16827)]
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd restart"" () ...
** Debug: "INFO: Started."
** Debug: "* Restarting PeerGuardian Linux pgld
...done."
** Debug: virtual void ProcessT::run() Command execution finished.
[Thread 0x7fffe1ff8700 (LWP 16827) exited]
** Debug: "INFO: ASCII: 210337 entries loaded from "/var/lib/pgl/master_blocklist.p2p""
** Debug: "INFO: Blocking 210337 IP ranges (2706313290 IPs)."
** Debug: "INFO: NFQUEUE: binding to queue 92"
** Debug: "INFO: ACCEPT mark: 20"
** Debug: "INFO: REJECT mark: 10"
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd stop"")
[New Thread 0x7fffe1ff8700 (LWP 16991)]
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd stop"" () ...
** Debug: "INFO: Unbinding from nfqueue."
** Debug: "STATS: Blocked hit statistics:"
** Debug: "STATS: 0 hits total"
** Debug: "* Stopping PeerGuardian Linux pgld
...done."
** Debug: virtual void ProcessT::run() Command execution finished.
[Thread 0x7fffe1ff8700 (LWP 16991) exited]
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd start"")
[New Thread 0x7fffe1ff8700 (LWP 17048)]
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd start"" () ...
** Debug: "INFO: Started."
** Debug: "* Starting PeerGuardian Linux pgld
...done."
** Debug: virtual void ProcessT::run() Command execution finished.
[Thread 0x7fffe1ff8700 (LWP 17048) exited]
** Debug: "INFO: ASCII: 210337 entries loaded from "/var/lib/pgl/master_blocklist.p2p""
** Debug: "INFO: Blocking 210337 IP ranges (2706313290 IPs)."
** Debug: "INFO: NFQUEUE: binding to queue 92"
** Debug: "INFO: ACCEPT mark: 20"
** Debug: "INFO: REJECT mark: 10"
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd reload"")
[New Thread 0x7fffe1ff8700 (LWP 17169)]
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd reload"" () ...
** Debug: "* Reloading PeerGuardian Linux pgld
...done."
** Debug: virtual void ProcessT::run() Command execution finished.
[Thread 0x7fffe1ff8700 (LWP 17169) exited]
** Warning: bool hasPermissions(const QString&) Could not read from file "/etc/test_file"
** Debug: void SuperUser::executeCommands(QStringList, bool) Executing commands: ("/usr/bin/kdesudo "/usr/bin/pglcmd restart"")
[New Thread 0x7fffe1ff8700 (LWP 17202)]
** Debug: virtual void ProcessT::run() Executing command "/usr/bin/kdesudo "/usr/bin/pglcmd restart"" () ...
** Debug: "INFO: Started."
** Debug: "* Restarting PeerGuardian Linux pgld
...done."
** Debug: virtual void ProcessT::run() Command execution finished.
[Thread 0x7fffe1ff8700 (LWP 17202) exited]
** Debug: "INFO: ASCII: 210337 entries loaded from "/var/lib/pgl/master_blocklist.p2p""
** Debug: "INFO: Blocking 210337 IP ranges (2706313290 IPs)."
** Debug: "INFO: NFQUEUE: binding to queue 92"
** Debug: "INFO: ACCEPT mark: 20"
** Debug: "INFO: REJECT mark: 10"
Gavin77
September 18th, 2011, 09:36 AM
In the gui Start/Stop & Restart seem ok but the Reload button causes the problems.
Strangely enough, the popup error messages upon start of the gui seem to have gone away. I've closed/reopened the gui several times in a row without error.
jre
September 18th, 2011, 09:48 AM
According to your log you issued
reload
start
restart
stop
start
reload
restart
... and only the first "start" failed, but all other commands succeeded. Make sure to wait some seconds so that one command can finish.
Which version was this (dpkg -l pgl-gui)?
Gavin77
September 18th, 2011, 09:58 AM
dpkg -l pgl-gui
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Description
+++-==================-==================-================================================== ==
ii pgl-gui 2.1.3-1~oneiric PeerGuardian Linux GUI - pgl-gui
It doesn't matter how long I leave it, clicking on reload disables pgl and a following "start" will fail.
Gavin77
September 18th, 2011, 10:05 AM
I made a capture of what is happening.
http://www.youtube.com/watch?v=gyjdI6-IJOE
jre
September 18th, 2011, 10:08 AM
What happens for "pglcmd reload" on console?
Gavin77
September 18th, 2011, 10:11 AM
sudo pglcmd reload
* Reloading PeerGuardian Linux pgld [ OK ]
The gui shows it as disabled.
Maybe the gui isn't getting the message that it has reloaded and thinks it isn't running when it is?
jre
September 18th, 2011, 10:13 AM
"reload" is a no-op if pgl wasn't running before. So you have to first start it, and then "reload".
pgl-gui checks periodically if pgld is running.
Gavin77
September 18th, 2011, 10:17 AM
Yeah, pgl was running already before pressing reload.
"Reload" > terminal shows OK, GUI shows disabled
jre
September 18th, 2011, 10:42 AM
"Reload" > terminal shows OK, GUI shows disabled
Did only the command succeed or is it really running ("pglcmd status")
Gavin77
September 18th, 2011, 10:48 AM
After clicking on Reload in the gui:
sudo pglcmd status
<snip>
* pgld is not running
* pglcmd.wd is running
PID: 21217 CMD: /bin/sh /usr/sbin/pglcmd.wd
jre
September 18th, 2011, 10:51 AM
and after "pglcmd reload"?
Gavin77
September 18th, 2011, 10:51 AM
gavin@kubuntu:~$ sudo pglcmd reload
* Reloading PeerGuardian Linux pgld [ OK ]
gavin@kubuntu:~$ sudo pglcmd status
Current IPv4 iptables rules (this may take a while):
Chain INPUT (policy ACCEPT 1 packets, 105 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_in all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_fwd all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain OUTPUT (policy ACCEPT 1 packets, 52 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_out all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain pgl_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_in (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 0.0.0.0/0
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_out (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa reject-with icmp-port-unreachable
0 0 RETURN all -- * * 0.0.0.0/0 224.0.0.251
0 0 RETURN all -- * * 0.0.0.0/0 239.255.255.250
0 0 RETURN all -- * * 0.0.0.0/0 224.0.0.22
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6667
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Please check if the above printed iptables rules are correct!
* pgld is not running
* pglcmd.wd is running
PID: 22814 CMD: /bin/sh /usr/sbin/pglcmd.wd
gavin@kubuntu:~$ sudo pglcmd start
* Starting PeerGuardian Linux pgld [fail]
gavin@kubuntu:~$ sudo pglcmd status
Current IPv4 iptables rules (this may take a while):
Chain INPUT (policy ACCEPT 8 packets, 5717 bytes)
pkts bytes target prot opt in out source destination
1 64 pgl_in all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_fwd all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain OUTPUT (policy ACCEPT 9 packets, 2572 bytes)
pkts bytes target prot opt in out source destination
1 64 pgl_out all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain pgl_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_in (1 references)
pkts bytes target prot opt in out source destination
1 64 RETURN all -- * * 192.168.2.0/24 0.0.0.0/0
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_out (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa reject-with icmp-port-unreachable
1 64 RETURN all -- * * 0.0.0.0/0 224.0.0.251
0 0 RETURN all -- * * 0.0.0.0/0 239.255.255.250
0 0 RETURN all -- * * 0.0.0.0/0 224.0.0.22
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6667
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Please check if the above printed iptables rules are correct!
* pgld is not running
* pglcmd.wd is running
PID: 22814 CMD: /bin/sh /usr/sbin/pglcmd.wd
gavin@kubuntu:~$ sudo pglcmd restart
* Restarting PeerGuardian Linux pgld [ OK ]
gavin@kubuntu:~$ sudo pglcmd status
Current IPv4 iptables rules (this may take a while):
Chain INPUT (policy ACCEPT 6 packets, 1009 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_in all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_fwd all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain OUTPUT (policy ACCEPT 8 packets, 2602 bytes)
pkts bytes target prot opt in out source destination
0 0 pgl_out all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW mark match !0x14
Chain pgl_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_in (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 192.168.2.0/24 0.0.0.0/0
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain pgl_out (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.0/24
0 0 RETURN all -- * * 0.0.0.0/0 192.168.2.1
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0xa reject-with icmp-port-unreachable
0 0 RETURN all -- * * 0.0.0.0/0 224.0.0.251
0 0 RETURN all -- * * 0.0.0.0/0 239.255.255.250
0 0 RETURN all -- * * 0.0.0.0/0 224.0.0.22
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6667
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Please check if the above printed iptables rules are correct!
* pgld is running
PID: 23132 CMD: /usr/sbin/pgld -s -l /var/log/pgl/pgld.log -d -p /var/run/pgld.pid -q 92 -r 10 -a 20 /var/lib/pgl/master_blocklist.p2p
* pglcmd.wd is running
PID: 23141 CMD: /bin/sh /usr/sbin/pglcmd.wd
gavin@kubuntu:~$
Jerriy
October 11th, 2011, 12:10 PM
Hey jr I recently moved over to pgl
(...)
I have no idea what's going on but everything seems to be OK during the installation until a "configure pglcmd" menu came up and I pressed OK without changing anything and then the installation seem to abort halfway or whatever
And whatever is installed is not working (tray icon remains gray even when I press start/restart/reload/update
.
Jerriy
October 11th, 2011, 12:48 PM
Now I made a restart and get no error but a password question
Jerriy
October 11th, 2011, 01:00 PM
Oh never mind · it's working now (after reloggng and being asked a rather unfamiliar "kdesudo" dialogue appeared
I presume you have decided to make PGL some sort of "linux universal" program as opposed to the old ubutnu-spec mobloquer?
jre
October 11th, 2011, 01:29 PM
So no more problems?
I don't understand the picture in post 449.
Check your logfiles in /var/log/pgl/ to see what's going on.
I guess your initial problems were that the blocklists hadn't been downloaded yet, this may take some time.
All operations in pgl-gui require root priviledges. You can configure which graphical frontend is used to gain them (/usr/bin/kdesu or kdesudo orgksu or gksudo). Once you've given the password it will be remembered some time.
jre
October 11th, 2011, 01:33 PM
just seeing your post 551 now ... If you are running gnome you may change to /usr/bin/gksu,
moblock/blockcontrol/mobloquer always were general Linux. I'm on Debian. But we made some progress to make it easier to install on other distributions.
Jerriy
October 11th, 2011, 03:13 PM
Yes it's all working now thanks!
But I have one more question: With moblocker I used to work with the window open but at a minimum so that I have room for other windows while at the same time I can make a quick check on the status of what is "allowed"
But when I wanted to do that with PGL and open it at a minimum, then I no longer have access to all the features:
https://lh6.googleusercontent.com/-8sxsnHNSQzU/TpSRhLbxJtI/AAAAAAAAEtY/i51W5j9DW8o/Screenshot.png
Is that normal? Or is there something wrong?
I wish the "Whitelist" on the right was working (minimum of 1 line visible) just like the "Blocklists" on the left is fully functional within this "smallest" size window
.
jre
October 11th, 2011, 04:05 PM
Workaround for you, make the window a little bigger ;-)
We may increase the minimum window size to enforce this (bad idea). Or maybe save a little place in the items above. But IMO the Control tab is more important (see the log of blocked packets and do right-click-whitelisting), then the configuration tab which shouldn't be needed permanently.
Betyarka
October 28th, 2011, 06:21 AM
When i start peerblock /ubuntu 11.10/ this error send.
" p, li { white-space: pre-wrap; } Failed executing command(s). The following output was given:
""
You can also check "/var/log/pgl/pgld.log" or "/var/log/pgl/pglcmd.log" for more details.
What a problem ?
jre
October 29th, 2011, 09:11 AM
It's PeerGuardian Linux, not Peerblock.
What do you mean with "start": the automatic start of pgl daemon during boot, or the graphical pgl-gui? And what happens after you get this message - does it work anyway, or do you have any problems? Describe them.
If you have problems with the GUI, you may start it in a terminal with "pgl-gui" and check the output that you get then.
Further, you should do what you were told:
You can also check "/var/log/pgl/pgld.log" or "/var/log/pgl/pglcmd.log" for more details.
Really, if you want help, you should put some effort in your question :-/
Betyarka
October 29th, 2011, 10:09 AM
I little speak english. I am Hungary.
my pglcmd
:2011-10-27 22:15:30 CEST Begin: pglcmd stop
Stopping pglcmd.wd �[74G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld �[74G[ OK ]
2011-10-27 22:15:30 CEST End: pglcmd stop
2011-10-28 07:26:48 CEST Begin: pglcmd stop
Stopping pglcmd.wd �[122G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld �[122G[ OK ]
2011-10-28 07:26:48 CEST End: pglcmd stop
2011-10-28 09:35:27 CEST Begin: pglcmd stop
Stopping pglcmd.wd �[122G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld �[122G[ OK ]
2011-10-28 09:35:27 CEST End: pglcmd stop
2011-10-28 12:02:52 CEST Begin: pglcmd reload
pgld is not running, doing nothing.
2011-10-28 12:02:52 CEST End: pglcmd reload
2011-10-28 15:05:25 CEST Begin: pglcmd stop
Stopping pglcmd.wd �[122G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld �[122G[ OK ]
2011-10-28 15:05:25 CEST End: pglcmd stop
2011-10-28 19:13:05 CEST Begin: pglcmd stop
Stopping pglcmd.wd �[122G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld �[122G[ OK ]
2011-10-28 19:13:05 CEST End: pglcmd stop
2011-10-29 06:31:49 CEST Begin: pglcmd update
Updating blocklists ...
Updating atma_atma... done.
Extracting atma_atma, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/atma_atma/downloaded/atma_atma
Extracting tzmtqbbsgbtfxainogvm.txt
Everything is Ok
Size: 6485753
Compressed: 506232
done.
Updating bluetack_dshield... done.
Extracting bluetack_dshield, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_dshield/downloaded/bluetack_dshield
Extracting bt_dshield.txt
Everything is Ok
Size: 7012
Compressed: 1714
done.
Updating bluetack_proxy... done.
Extracting bluetack_proxy, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_proxy/downloaded/bluetack_proxy
Extracting bt_proxy.txt
Everything is Ok
Size: 97578
Compressed: 17813
done.
Updating tbg_bogon... done.
Extracting tbg_bogon, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_bogon/downloaded/tbg_bogon
Extracting ewqglwibdgjttwttrinl.txt
Everything is Ok
Size: 38964
Compressed: 6061
done.
Updating tbg_business-isps... done.
Extracting tbg_business-isps, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_business-isps/downloaded/tbg_business-isps
Extracting jcjfaxgyyshvdbceroxf.txt
Everything is Ok
Size: 1675555
Compressed: 242247
done.
Updating tbg_general-corporate-ranges... done.
Extracting tbg_general-corporate-ranges, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_general-corporate-ranges/downloaded/tbg_general-corporate-ranges
Extracting ecqbsykllnadihkdirsh.txt
Everything is Ok
Size: 17744532
Compressed: 3374091
done.
Updating tbg_hijacked... done.
Extracting tbg_hijacked, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_hijacked/downloaded/tbg_hijacked
Extracting tbnuqfclfkemqivekikv.txt
Everything is Ok
Size: 14955
Compressed: 2619
done.
Updating tbg_primary-threats... done.
Extracting tbg_primary-threats, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_primary-threats/downloaded/tbg_primary-threats
Extracting ijfqtofzixtwayqovmxn.txt
Everything is Ok
Size: 16296821
Compressed: 3528683
done.
Updating tbg_search-engines... done.
Extracting tbg_search-engines, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_search-engines/downloaded/tbg_search-engines
Extracting pfefqteoxlfzopecdtyw.txt
Everything is Ok
Size: 56555
Compressed: 14915
done.
Blocklists updated.
pgld is not running, doing nothing.
2011-10-29 06:33:19 CEST End: pglcmd update
2011-10-29 07:21:32 CEST Begin: pglcmd stop
Stopping pglcmd.wd �[122G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld �[122G[ OK ]
2011-10-29 07:21:32 CEST End: pglcmd stop
2011-10-29 16:06:52 CEST Begin: pglcmd start
Building blocklist ...
WARN: Invalid ASCII line:
INFO: ASCII: 760668 entries loaded from "STDIN"
INFO: Merged 549435 of 760668 entries.
INFO: Blocking 211233 IP ranges (2781925720 IPs).
Blocklist built.
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing loopback traffic: INPUT OUTPUT ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.53 ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.54 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.53 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.54 ...done.
..Allowing LAN traffic ...
....INPUT from 89.133.104.0/21 ...done.
....OUTPUT to 89.133.104.0/21 ...done.
....FORWARD from 89.133.104.0/21 to 89.133.104.0/21 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2011-10-29 16:06:55 CEST End: pglcmd start
jre
October 30th, 2011, 06:13 AM
/var/log/pglcmd.log seems ok, so pgl should be running and working.
The logfile should be rotated automatically every day. So I don't understand why you've got entries for several days in the same logfile. Or did you post several logfiles (like /var/log/pgl/pglcmd.log, /var/log/pgl/pglcmd.log.1, /var/log/pgl/pglcmd.log.2.gz, /var/log/pgl/pglcmd.log.3.gz, ...)?
When you post logfiles put them in code tags:output Please edit your last post accordingly.
Now read my last post again, and give the missing answers to my questions asked there.
Betyarka
October 31st, 2011, 04:27 AM
http://www21.zippyshare.com/v/44358840/file.html
http://www21.zippyshare.com/v/33116866/file.html
Jerriy
November 23rd, 2011, 01:18 PM
I little speak english.LMAO you actor good very.
I am HungaryJre got no ham sandwich.
Jerriy
November 23rd, 2011, 01:24 PM
Jre I've got another question/new conundrum since my switch from moblock. How do I immediately end a temporary permission given to an IP or a port after I temporarily allowed it in PGL? Is it just by turning the whole PGL thing off/shutting down the program, and then back on? Or do I need to log off?
jre
November 24th, 2011, 02:54 PM
Just restart pgl.
To avoid the security risk during the restart, you may also remove the whitelisting directly:
Start pgl-gui from the terminal. Then you will see in the debug info some commands like "iptables -I pgl_out --destination SOME.IP -j RETURN" when you allow SOME.IP temporarily. Just execute the same command (with "sudo") with "-D" instead of "-I" to remove the temporary whitelisting, e.g.
sudo iptables -D pgl_out --destination SOME.IP -j RETURN
Logging out and in again won't change anything, because that is an user specifc action, while pgl acts system wide.
Post 561 was quite unnecessary, btw. Without it, I would have seen your actual question sooner in my mails.
Betyarka
November 25th, 2011, 06:47 AM
This my pgld.log
Nov 25 07:10:56 INFO: Connected to dbus system bus.
Nov 25 07:10:56 INFO: Started.
Nov 25 07:10:56 INFO: ASCII: 239367 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Nov 25 07:10:56 INFO: Blocking 239367 IP ranges (2779143671 IPs).
Nov 25 07:10:56 INFO: NFQUEUE: binding to queue 92
Nov 25 07:10:56 INFO: ACCEPT mark: 20
Nov 25 07:10:56 INFO: REJECT mark: 10
Nov 25 07:11:01 OUT: 89.133.106.172:57086 209.85.148.104:80 TCP || AAA National | Norlight Telecommunications | Magnetek PCS
Nov 25 07:11:01 OUT: 89.133.106.172:52839 209.85.148.106:80 TCP || AAA National | Norlight Telecommunications | Magnetek PCS
Nov 25 07:11:01 OUT: 89.133.106.172:39655 209.85.148.147:80 TCP || AAA National | Norlight Telecommunications | Magnetek PCS
Nov 25 07:11:01 OUT: 89.133.106.172:43188 209.85.148.103:80 TCP || AAA National | Norlight Telecommunications | Magnetek PCS
Nov 25 07:11:01 OUT: 89.133.106.172:41717 209.85.148.105:80 TCP || AAA National | Norlight Telecommunications | Magnetek PCS
Nov 25 07:11:01 OUT: 89.133.106.172:45989 209.85.148.99:80 TCP || AAA National | Norlight Telecommunications | Magnetek PCS
Nov 25 07:11:27 OUT: 89.133.106.172:57470 2.21.246.86:80 TCP || France Telecom | Akamai Technologies
Nov 25 07:11:27 OUT: 89.133.106.172:57884 2.21.246.96:80 TCP || France Telecom | Akamai Technologies
Nov 25 07:11:27 OUT: 89.133.106.172:57472 2.21.246.86:80 TCP || France Telecom | Akamai Technologies
Nov 25 07:11:27 OUT: 89.133.106.172:57886 2.21.246.96:80 TCP || France Telecom | Akamai Technologies
Nov 25 07:11:36 INFO: Unbinding from nfqueue.
Nov 25 07:11:36 STATS: Blocked hit statistics:
Nov 25 07:11:36 STATS: 2.15.0.0-2.23.255.255: France Telecom | Akamai Technologies - 4 hit(s)
Nov 25 07:11:36 STATS: 209.82.192.0-209.86.255.255: AAA National | Norlight Telecommunications | Magnetek PCS - 6 hit(s)
Nov 25 07:11:36 STATS: 10 hits total
Nov 25 07:19:16 INFO: Connected to dbus system bus.
Nov 25 07:19:16 INFO: Started.
Nov 25 07:19:17 INFO: ASCII: 266185 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Nov 25 07:19:17 INFO: Blocking 266185 IP ranges (1318347224 IPs).
Nov 25 07:19:17 INFO: NFQUEUE: binding to queue 92
Nov 25 07:19:17 INFO: ACCEPT mark: 20
Nov 25 07:19:17 INFO: REJECT mark: 10
Nov 25 07:21:31 INFO: Closing logfile: /var/log/pgl/pgld.log
Nov 25 07:21:31 INFO: Reopened logfile: /var/log/pgl/pgld.log
Nov 25 07:21:31 WARN: pgld dbus is already initialized.
Nov 25 07:21:31 ERROR: Cannot initialize D-Bus
Nov 25 07:24:17 INFO: Connected to dbus system bus.
Nov 25 07:24:17 INFO: Started.
Nov 25 07:24:17 INFO: ASCII: 266185 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Nov 25 07:24:17 INFO: Blocking 266185 IP ranges (1318347224 IPs).
Nov 25 07:24:17 INFO: NFQUEUE: binding to queue 92
Nov 25 07:24:17 INFO: ACCEPT mark: 20
Nov 25 07:24:17 INFO: REJECT mark: 10
Nov 25 07:28:47 INFO: Unbinding from nfqueue.
Nov 25 07:28:47 STATS: Blocked hit statistics:
Nov 25 07:28:47 STATS: 0 hits total
Nov 25 08:40:01 INFO: Connected to dbus system bus.
Nov 25 08:40:01 INFO: Started.
Nov 25 08:40:02 INFO: ASCII: 266185 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Nov 25 08:40:02 INFO: Blocking 266185 IP ranges (1318347224 IPs).
Nov 25 08:40:02 INFO: NFQUEUE: binding to queue 92
Nov 25 08:40:02 INFO: ACCEPT mark: 20
Nov 25 08:40:02 INFO: REJECT mark: 10
Nov 25 08:41:31 OUT: 89.133.106.172:33468 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:31 OUT: 89.133.106.172:51147 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:31 OUT: 89.133.106.172:41940 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:31 OUT: 89.133.106.172:39916 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:33496 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:51175 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:41968 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:39944 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:33500 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:51179 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:41972 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:39948 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:40504 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:41:32 OUT: 89.133.106.172:33519 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:51198 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:41991 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:32 OUT: 89.133.106.172:39967 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:33536 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:51215 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:42008 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:39984 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:33541 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:51220 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:42013 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:39989 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:33545 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:51224 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:42017 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:39993 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:40535 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:41:39 OUT: 89.133.106.172:33552 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:51231 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:42024 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:39 OUT: 89.133.106.172:40000 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:42 OUT: 89.133.106.172:33557 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:42 OUT: 89.133.106.172:51236 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:42 OUT: 89.133.106.172:42029 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:42 OUT: 89.133.106.172:40005 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:54 OUT: 89.133.106.172:33564 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:54 OUT: 89.133.106.172:51243 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:54 OUT: 89.133.106.172:42036 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:41:54 OUT: 89.133.106.172:40012 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:22 OUT: 89.133.106.172:33571 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:22 OUT: 89.133.106.172:51250 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:22 OUT: 89.133.106.172:42043 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:22 OUT: 89.133.106.172:40019 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:33576 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:51255 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:42048 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:40024 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:33581 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:51260 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:42053 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:40029 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:40571 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:42:23 OUT: 89.133.106.172:33586 64.236.90.9:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:51265 64.236.90.72:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:42058 64.236.90.8:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:42:23 OUT: 89.133.106.172:40034 64.236.90.73:80 TCP || AOL Transit Data Network | Doubleclick
Nov 25 08:43:01 OUT: 89.133.106.172:45467 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:01 OUT: 89.133.106.172:45468 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:01 OUT: 89.133.106.172:45469 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:01 OUT: 89.133.106.172:45471 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:01 OUT: 89.133.106.172:45472 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:01 OUT: 89.133.106.172:45473 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:02 OUT: 89.133.106.172:45493 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:02 OUT: 89.133.106.172:58997 69.10.24.245:80 TCP || IGN Entertainment
Nov 25 08:43:02 OUT: 89.133.106.172:45495 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:02 OUT: 89.133.106.172:34411 66.235.156.132:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:02 OUT: 89.133.106.172:60130 66.235.156.129:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:02 OUT: 89.133.106.172:45498 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:02 OUT: 89.133.106.172:44093 69.10.25.34:80 TCP || IGN Entertainment
Nov 25 08:43:03 OUT: 89.133.106.172:45502 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:03 OUT: 89.133.106.172:45504 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:03 OUT: 89.133.106.172:45505 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:03 OUT: 89.133.106.172:45507 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:12 OUT: 89.133.106.172:45522 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:12 OUT: 89.133.106.172:55632 69.10.25.5:80 TCP || IGN Entertainment
Nov 25 08:43:12 OUT: 89.133.106.172:45524 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:12 OUT: 89.133.106.172:55636 69.10.25.5:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45528 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45530 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45531 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45532 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45537 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45538 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45539 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45540 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45541 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:15 OUT: 89.133.106.172:45542 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:17 OUT: 89.133.106.172:60184 66.235.156.129:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:17 OUT: 89.133.106.172:34467 66.235.156.132:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:17 OUT: 89.133.106.172:45553 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:17 OUT: 89.133.106.172:38328 138.108.7.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:17 OUT: 89.133.106.172:39433 138.108.6.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:18 OUT: 89.133.106.172:45557 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:45563 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:40695 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:43:18 OUT: 89.133.106.172:45565 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:38345 138.108.7.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:18 OUT: 89.133.106.172:39450 138.108.6.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:18 OUT: 89.133.106.172:45574 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:45575 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:45576 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:45578 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:45579 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:18 OUT: 89.133.106.172:45580 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:33 OUT: 89.133.106.172:40730 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:43:33 OUT: 89.133.106.172:40731 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:43:34 OUT: 89.133.106.172:55714 69.10.25.5:80 TCP || IGN Entertainment
Nov 25 08:43:34 OUT: 89.133.106.172:55717 69.10.25.5:80 TCP || IGN Entertainment
Nov 25 08:43:34 OUT: 89.133.106.172:40744 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:43:34 OUT: 89.133.106.172:40745 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:43:43 OUT: 89.133.106.172:56793 69.10.25.14:80 TCP || IGN Entertainment
Nov 25 08:43:47 OUT: 89.133.106.172:60496 66.235.156.129:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:47 OUT: 89.133.106.172:34779 66.235.156.132:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:48 OUT: 89.133.106.172:45865 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45867 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45868 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45869 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45871 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45872 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45873 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45875 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45876 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:45877 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:48 OUT: 89.133.106.172:60512 66.235.156.129:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:48 OUT: 89.133.106.172:34795 66.235.156.132:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:43:48 OUT: 89.133.106.172:44847 63.251.28.128:80 TCP || FreeWheel Media
Nov 25 08:43:51 OUT: 89.133.106.172:45882 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:38657 138.108.7.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:52 OUT: 89.133.106.172:39762 138.108.6.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:52 OUT: 89.133.106.172:45887 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:45892 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:41024 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:43:52 OUT: 89.133.106.172:45894 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:38669 138.108.7.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:52 OUT: 89.133.106.172:39774 138.108.6.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:52 OUT: 89.133.106.172:45898 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:45899 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:45900 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:38675 138.108.7.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:52 OUT: 89.133.106.172:39780 138.108.6.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:43:52 OUT: 89.133.106.172:45904 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:52 OUT: 89.133.106.172:45907 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:43:53 OUT: 89.133.106.172:45908 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:36 OUT: 89.133.106.172:37817 78.24.233.73:51759 TCP || SGS, a.s
Nov 25 08:44:39 IN: 92.26.72.191:23191 89.133.106.172:6881 UDP || Opal Telecom DSL | Detected AP2P on Opal Telecom
Nov 25 08:44:42 IN: 168.96.148.109:38082 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:44:42 OUT: 89.133.106.172:33896 194.151.100.129:6881 TCP || Albeda College
Nov 25 08:44:43 OUT: 89.133.106.172:44677 188.126.89.100:51545 TCP || Portlane VPN Services
Nov 25 08:44:45 OUT: 89.133.106.172:48053 92.26.72.191:19351 TCP || Opal Telecom DSL | Detected AP2P on Opal Telecom
Nov 25 08:44:45 IN: 168.96.148.109:38082 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:44:48 OUT: 89.133.106.172:60498 151.95.40.139:44331 TCP || Banca Popolare di Bergamo - Credito Varesino | Nuovo Pignone LAN
Nov 25 08:44:51 IN: 168.96.148.109:38082 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:44:53 OUT: 89.133.106.172:45938 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45939 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45940 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45941 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45943 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45944 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45945 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45947 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45948 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:45949 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:53 OUT: 89.133.106.172:60583 66.235.156.129:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:44:53 OUT: 89.133.106.172:34866 66.235.156.132:80 TCP || Omniture, Inc | Archer Communications | omniture.com
Nov 25 08:44:53 OUT: 89.133.106.172:45952 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:54 OUT: 89.133.106.172:45954 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:54 OUT: 89.133.106.172:45955 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:54 OUT: 89.133.106.172:41087 66.220.156.32:80 TCP || Facebook, Inc
Nov 25 08:44:54 OUT: 89.133.106.172:45957 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:54 OUT: 89.133.106.172:38732 138.108.7.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:44:54 OUT: 89.133.106.172:39837 138.108.6.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:44:54 OUT: 89.133.106.172:45961 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:54 OUT: 89.133.106.172:45962 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:54 OUT: 89.133.106.172:45963 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:54 OUT: 89.133.106.172:38738 138.108.7.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:44:54 OUT: 89.133.106.172:39843 138.108.6.20:80 TCP || SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company
Nov 25 08:44:54 IN: 194.151.100.129:58500 89.133.106.172:6881 UDP || Albeda College
Nov 25 08:44:54 OUT: 89.133.106.172:45967 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:55 OUT: 89.133.106.172:45968 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:55 OUT: 89.133.106.172:45969 69.10.24.213:80 TCP || IGN Entertainment
Nov 25 08:44:57 OUT: 89.133.106.172:48096 91.121.74.66:51413 TCP || OVH SAS | powerserv35 | adserver.ma-regie-publicitaire.com
Nov 25 08:45:03 IN: 168.96.148.109:59727 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:06 IN: 168.96.148.109:59727 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:08 IN: 78.24.233.73:9664 89.133.106.172:6881 UDP || SGS, a.s
Nov 25 08:45:12 IN: 168.96.148.109:59727 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:14 IN: 168.96.148.109:34878 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:17 IN: 168.96.148.109:34878 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:23 IN: 168.96.148.109:34878 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:34 IN: 145.53.74.202:53446 89.133.106.172:6881 TCP || Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl
Nov 25 08:45:35 IN: 168.96.148.109:60415 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:36 IN: 188.126.89.100:51545 89.133.106.172:6881 UDP || Portlane VPN Services
Nov 25 08:45:37 IN: 145.53.74.202:53519 89.133.106.172:6881 TCP || Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl
Nov 25 08:45:38 IN: 168.96.148.109:60415 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:45:43 IN: 145.53.74.202:53650 89.133.106.172:6881 TCP || Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl
Nov 25 08:45:44 IN: 168.96.148.109:60415 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:46:34 OUT: 89.133.106.172:55769 168.96.148.109:51413 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:46:36 OUT: 89.133.106.172:49563 78.24.233.73:51759 TCP || SGS, a.s
Nov 25 08:46:40 OUT: 89.133.106.172:58774 188.126.89.100:51545 TCP || Portlane VPN Services
Nov 25 08:46:54 OUT: 89.133.106.172:43076 194.151.100.129:6881 TCP || Albeda College
Nov 25 08:46:58 OUT: 89.133.106.172:38470 92.26.72.191:19351 TCP || Opal Telecom DSL | Detected AP2P on Opal Telecom
Nov 25 08:47:00 OUT: 89.133.106.172:40963 151.95.40.139:44331 TCP || Banca Popolare di Bergamo - Credito Varesino | Nuovo Pignone LAN
Nov 25 08:47:06 OUT: 89.133.106.172:44071 91.121.74.66:51413 TCP || OVH SAS | powerserv35 | adserver.ma-regie-publicitaire.com
Nov 25 08:47:07 INFO: Unbinding from nfqueue.
Nov 25 08:47:07 STATS: Blocked hit statistics:
Nov 25 08:47:07 STATS: 63.251.28.0-63.251.28.255: FreeWheel Media - 1 hit(s)
Nov 25 08:47:07 STATS: 64.236.0.0-64.236.255.255: AOL Transit Data Network | Doubleclick - 56 hit(s)
Nov 25 08:47:07 STATS: 66.220.144.0-66.220.159.255: Facebook, Inc - 10 hit(s)
Nov 25 08:47:07 STATS: 66.235.128.0-66.235.191.255: Omniture, Inc | Archer Communications | omniture.com - 10 hit(s)
Nov 25 08:47:07 STATS: 69.10.16.0-69.10.31.255: IGN Entertainment - 82 hit(s)
Nov 25 08:47:07 STATS: 78.24.232.0-78.24.239.255: SGS, a.s - 3 hit(s)
Nov 25 08:47:07 STATS: 91.121.60.43-91.121.82.124: OVH SAS | powerserv35 | adserver.ma-regie-publicitaire.com - 2 hit(s)
Nov 25 08:47:07 STATS: 92.24.0.0-92.29.255.255: Opal Telecom DSL | Detected AP2P on Opal Telecom - 3 hit(s)
Nov 25 08:47:07 STATS: 138.106.0.0-138.111.255.255: SAAB-SCANIA AB | OLYMPUS CORPORATION | A.C. Nielsen Company - 14 hit(s)
Nov 25 08:47:07 STATS: 145.0.0.0-145.191.255.255: Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl - 3 hit(s)
Nov 25 08:47:07 STATS: 151.94.0.0-151.98.255.255: Banca Popolare di Bergamo - Credito Varesino | Nuovo Pignone LAN - 2 hit(s)
Nov 25 08:47:07 STATS: 168.96.0.0-168.96.255.255: Asociacion Civil Ciencia Hoy - 13 hit(s)
Nov 25 08:47:07 STATS: 188.126.88.0-188.126.95.255: Portlane VPN Services - 3 hit(s)
Nov 25 08:47:07 STATS: 194.151.100.128-194.151.100.255: Albeda College - 3 hit(s)
Nov 25 08:47:07 STATS: 205 hits total
Nov 25 08:55:37 INFO: Connected to dbus system bus.
Nov 25 08:55:37 INFO: Started.
Nov 25 08:55:37 INFO: ASCII: 266185 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Nov 25 08:55:37 INFO: Blocking 266185 IP ranges (1318347224 IPs).
Nov 25 08:55:37 INFO: NFQUEUE: binding to queue 92
Nov 25 08:55:37 INFO: ACCEPT mark: 20
Nov 25 08:55:37 INFO: REJECT mark: 10
Nov 25 08:55:55 OUT: 89.133.106.172:56855 78.24.233.73:51759 TCP || SGS, a.s
Nov 25 08:56:09 OUT: 89.133.106.172:56675 188.126.89.100:51545 TCP || Portlane VPN Services
Nov 25 08:56:21 IN: 168.96.148.109:37283 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:56:24 IN: 168.96.148.109:37283 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:56:30 IN: 168.96.148.109:37283 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:56:42 IN: 168.96.148.109:44560 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:56:45 IN: 168.96.148.109:44560 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:56:51 IN: 168.96.148.109:44560 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:56:51 IN: 168.96.148.109:52034 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:56:54 IN: 168.96.148.109:52034 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:57:00 IN: 168.96.148.109:52034 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:57:12 IN: 168.96.148.109:48943 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:57:15 IN: 168.96.148.109:48943 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:57:21 IN: 168.96.148.109:48943 89.133.106.172:6881 TCP || Asociacion Civil Ciencia Hoy
Nov 25 08:58:09 OUT: 89.133.106.172:50352 92.26.72.191:19351 TCP || Opal Telecom DSL | Detected AP2P on Opal Telecom
Nov 25 08:58:13 OUT: 89.133.106.172:49382 92.87.197.69:62364 TCP || Detected AP2P on ROMTelecom
Nov 25 08:58:24 OUT: 89.133.106.172:48151 145.53.74.202:10059 TCP || Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl
Nov 25 08:58:26 OUT: 89.133.106.172:33437 78.24.233.73:51759 TCP || SGS, a.s
Nov 25 08:58:34 OUT: 89.133.106.172:60652 91.121.74.66:51413 TCP || OVH SAS | powerserv35 | adserver.ma-regie-publicitaire.com
Nov 25 08:59:22 INFO: Unbinding from nfqueue.
Nov 25 08:59:22 STATS: Blocked hit statistics:
Nov 25 08:59:22 STATS: 78.24.232.0-78.24.239.255: SGS, a.s - 2 hit(s)
Nov 25 08:59:22 STATS: 91.121.60.43-91.121.82.124: OVH SAS | powerserv35 | adserver.ma-regie-publicitaire.com - 1 hit(s)
Nov 25 08:59:22 STATS: 92.24.0.0-92.29.255.255: Opal Telecom DSL | Detected AP2P on Opal Telecom - 1 hit(s)
Nov 25 08:59:22 STATS: 92.87.197.69-92.87.197.69: Detected AP2P on ROMTelecom - 1 hit(s)
Nov 25 08:59:22 STATS: 145.0.0.0-145.191.255.255: Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl - 1 hit(s)
Nov 25 08:59:22 STATS: 168.96.0.0-168.96.255.255: Asociacion Civil Ciencia Hoy - 12 hit(s)
Nov 25 08:59:22 STATS: 188.126.88.0-188.126.95.255: Portlane VPN Services - 1 hit(s)
Nov 25 08:59:22 STATS: 19 hits total
Nov 25 11:17:14 INFO: Connected to dbus system bus.
Nov 25 11:17:14 INFO: Started.
Nov 25 11:17:15 INFO: ASCII: 266185 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Nov 25 11:17:15 INFO: Blocking 266185 IP ranges (1318347224 IPs).
Nov 25 11:17:15 INFO: NFQUEUE: binding to queue 92
Nov 25 11:17:15 INFO: ACCEPT mark: 20
Nov 25 11:17:15 INFO: REJECT mark: 10
Nov 25 11:17:50 IN: 128.39.149.158:52507 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:18:06 IN: 128.39.149.158:52507 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:18:06 IN: 128.39.149.158:53702 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:18:09 IN: 128.39.149.158:53702 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:18:09 IN: 128.39.149.158:52507 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:18:10 OUT: 89.133.106.172:46974 145.94.225.197:30033 TCP || Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl
Nov 25 11:18:15 IN: 128.39.149.158:53702 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:19:45 IN: 128.39.149.158:52517 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:19:45 IN: 128.39.149.158:54116 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:19:48 IN: 128.39.149.158:52517 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:19:48 IN: 128.39.149.158:54116 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:19:54 IN: 128.39.149.158:54116 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:21:10 OUT: 89.133.106.172:60035 145.94.225.197:30033 TCP || Early registrations SURFnet bv | Grondmechanica Delft | pathe.nl
Nov 25 11:21:21 IN: 128.39.149.158:52526 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:21:21 IN: 128.39.149.158:54685 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:21:24 IN: 128.39.149.158:54685 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:21:24 IN: 128.39.149.158:52526 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:21:30 IN: 128.39.149.158:54685 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:21:41 OUT: 89.133.106.172:50964 216.238.226.23:28697 TCP || Caravela Software
Nov 25 11:25:39 IN: 128.39.149.158:52563 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:25:42 IN: 128.39.149.158:52563 89.133.106.172:6881 UDP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:26:10 IN: 128.39.149.158:55906 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:26:13 IN: 128.39.149.158:55906 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:26:19 IN: 128.39.149.158:55906 89.133.106.172:6881 TCP || SRI International | JIEO Center for Systems Engineering | USAMI
Nov 25 11:26:40 IN: 193.40.10.178:42982 89.133.106.172:6881 UDP || Estonian Educational and Research Network | Cybernetica AS
Nov 25 11:26:44 IN: 193.40.10.178:42982 89.133.106.172:6881 UDP || Estonian Educational and Research Network | Cybernetica AS
Nov 25 11:26:50 IN: 193.40.10.178:52951 89.133.106.172:6881 TCP || Estonian Educational and Research Network | Cybernetica AS
Nov 25 11:36:16 OUT: 89.133.106.172:59116 184.72.252.42:80 TCP || Detected AP2P on Amazon EC2 cloud
Nov 25 11:36:16 OUT: 89.133.106.172:49521 184.73.235.191:80 TCP || Detected AP2P on Amazon EC2 cloud
Nov 25 11:36:17 OUT: 89.133.106.172:45167 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:17 OUT: 89.133.106.172:44864 87.248.217.253:80 TCP || Limelight Networks Inc
Nov 25 11:36:17 OUT: 89.133.106.172:47222 87.248.217.254:80 TCP || Limelight Networks Inc
Nov 25 11:36:17 OUT: 89.133.106.172:45170 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:17 OUT: 89.133.106.172:44867 87.248.217.253:80 TCP || Limelight Networks Inc
Nov 25 11:36:17 OUT: 89.133.106.172:47225 87.248.217.254:80 TCP || Limelight Networks Inc
Nov 25 11:36:17 OUT: 89.133.106.172:45173 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:17 OUT: 89.133.106.172:45174 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:17 OUT: 89.133.106.172:45175 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:17 OUT: 89.133.106.172:44872 87.248.217.253:80 TCP || Limelight Networks Inc
Nov 25 11:36:17 OUT: 89.133.106.172:47230 87.248.217.254:80 TCP || Limelight Networks Inc
Nov 25 11:36:17 OUT: 89.133.106.172:53013 75.101.153.231:80 TCP || Detected AP2P on Amazon EC2 cloud | jessie2.notlong.com
Nov 25 11:36:22 OUT: 89.133.106.172:58145 93.184.221.133:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:22 OUT: 89.133.106.172:37598 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:22 OUT: 89.133.106.172:37601 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:23 OUT: 89.133.106.172:37603 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:36:23 OUT: 89.133.106.172:53034 75.101.153.231:80 TCP || Detected AP2P on Amazon EC2 cloud | jessie2.notlong.com
Nov 25 11:36:32 OUT: 89.133.106.172:53037 75.101.153.231:80 TCP || Detected AP2P on Amazon EC2 cloud | jessie2.notlong.com
Nov 25 11:36:38 OUT: 89.133.106.172:53038 75.101.153.231:80 TCP || Detected AP2P on Amazon EC2 cloud | jessie2.notlong.com
Nov 25 11:36:53 OUT: 89.133.106.172:53052 75.101.153.231:80 TCP || Detected AP2P on Amazon EC2 cloud | jessie2.notlong.com
Nov 25 11:37:02 OUT: 89.133.106.172:53057 75.101.153.231:80 TCP || Detected AP2P on Amazon EC2 cloud | jessie2.notlong.com
Nov 25 11:37:33 OUT: 89.133.106.172:60142 208.80.184.203:80 TCP || Cybernet Entertainment, LLC | Websense, Inc
Nov 25 11:37:33 OUT: 89.133.106.172:46182 208.80.184.202:80 TCP || Cybernet Entertainment, LLC | Websense, Inc
Nov 25 11:37:34 OUT: 89.133.106.172:37649 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:37:34 OUT: 89.133.106.172:37650 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:37:34 OUT: 89.133.106.172:37652 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:19 OUT: 89.133.106.172:45289 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:19 OUT: 89.133.106.172:45290 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:20 OUT: 89.133.106.172:45291 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:22 OUT: 89.133.106.172:45298 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:22 OUT: 89.133.106.172:44995 87.248.217.253:80 TCP || Limelight Networks Inc
Nov 25 11:38:22 OUT: 89.133.106.172:47353 87.248.217.254:80 TCP || Limelight Networks Inc
Nov 25 11:38:22 OUT: 89.133.106.172:47354 87.248.217.254:80 TCP || Limelight Networks Inc
Nov 25 11:38:22 OUT: 89.133.106.172:45302 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:22 OUT: 89.133.106.172:45303 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:22 OUT: 89.133.106.172:45304 93.184.221.132:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:23 OUT: 89.133.106.172:60207 208.80.184.203:80 TCP || Cybernet Entertainment, LLC | Websense, Inc
Nov 25 11:38:23 OUT: 89.133.106.172:46248 208.80.184.202:80 TCP || Cybernet Entertainment, LLC | Websense, Inc
Nov 25 11:38:23 OUT: 89.133.106.172:60211 208.80.184.203:80 TCP || Cybernet Entertainment, LLC | Websense, Inc
Nov 25 11:38:23 OUT: 89.133.106.172:46251 208.80.184.202:80 TCP || Cybernet Entertainment, LLC | Websense, Inc
Nov 25 11:38:23 OUT: 89.133.106.172:37718 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:23 OUT: 89.133.106.172:37719 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:38:24 OUT: 89.133.106.172:37721 93.184.220.90:80 TCP || EdgeCast Networks, Inc
Nov 25 11:44:16 OUT: 89.133.106.172:59899 64.62.148.12:80 TCP || Hurricane Electric | Metamachine, Inc | New Media E.M.S | ads
Nov 25 11:44:16 OUT: 89.133.106.172:59900 64.62.148.12:80 TCP || Hurricane Electric | Metamachine, Inc | New Media E.M.S | ads
Nov 25 11:44:16 OUT: 89.133.106.172:59901 64.62.148.12:80 TCP || Hurricane Electric | Metamachine, Inc | New Media E.M.S | ads
Nov 25 11:44:16 OUT: 89.133.106.172:59902 64.62.148.12:80 TCP || Hurricane Electric | Metamachine, Inc | New Media E.M.S | ads
My pglcmd.log
2011-11-25 06:51:31 CET Begin: pglcmd stop
Stopping pglcmd.wd
�[74G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld
�[74G[ OK ]
2011-11-25 06:51:32 CET End: pglcmd stop
2011-11-25 07:09:36 CET Begin: pglcmd update
Updating blocklists ...
Updating atma_atma... done.
Extracting atma_atma, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/atma_atma/downloaded/atma_atma
Extracting tzmtqbbsgbtfxainogvm.txt
Everything is Ok
Size: 9471773
Compressed: 749183
done.
Updating bluetack_dshield... done.
Extracting bluetack_dshield, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_dshield/downloaded/bluetack_dshield
Extracting bt_dshield.txt
Everything is Ok
Size: 6994
Compressed: 1775
done.
Updating bluetack_proxy... done.
Extracting bluetack_proxy, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_proxy/downloaded/bluetack_proxy
Extracting bt_proxy.txt
Everything is Ok
Size: 100606
Compressed: 18382
done.
Updating tbg_bogon... done.
Extracting tbg_bogon, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_bogon/downloaded/tbg_bogon
Extracting ewqglwibdgjttwttrinl.txt
Everything is Ok
Size: 37260
Compressed: 5900
done.
Updating tbg_business-isps... done.
Extracting tbg_business-isps, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_business-isps/downloaded/tbg_business-isps
Extracting jcjfaxgyyshvdbceroxf.txt
Everything is Ok
Size: 1677025
Compressed: 242574
done.
Updating tbg_general-corporate-ranges... done.
Extracting tbg_general-corporate-ranges, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_general-corporate-ranges/downloaded/tbg_general-corporate-ranges
Extracting ecqbsykllnadihkdirsh.txt
Everything is Ok
Size: 17752557
Compressed: 3376424
done.
Updating tbg_hijacked... done.
Extracting tbg_hijacked, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_hijacked/downloaded/tbg_hijacked
Extracting tbnuqfclfkemqivekikv.txt
Everything is Ok
Size: 14634
Compressed: 2559
done.
Updating tbg_primary-threats... 2011-11-25 07:10:38 CET Begin: pglcmd start
Building blocklist ...
Updating tbg_primary-threats... done.
Extracting tbg_primary-threats, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_primary-threats/downloaded/tbg_primary-threats
Extracting ijfqtofzixtwayqovmxn.txt
Everything is Ok
Size: 16364697
Compressed: 3539992
done.
Updating tbg_search-engines... . No update available.
Extracting tbg_primary-threats, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_primary-threats/downloaded/tbg_primary-threats
Extracting ijfqtofzixtwayqovmxn.txt
Everything is Ok
Size: 16364697
Compressed: 3539992
done.
Updating tbg_search-engines... done.
Extracting tbg_search-engines, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_search-engines/downloaded/tbg_search-engines
Extracting pfefqteoxlfzopecdtyw.txt
Everything is Ok
Size: 56555
Compressed: 14915
done.
Blocklists updated.
pgld is not running, doing nothing.
2011-11-25 07:10:47 CET End: pglcmd update
. No update available.
Extracting tbg_search-engines, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/tbg_search-engines/downloaded/tbg_search-engines
Extracting pfefqteoxlfzopecdtyw.txt
Everything is Ok
Size: 56555
Compressed: 14915
done.
WARN: Invalid ASCII line:
INFO: ASCII: 807213 entries loaded from "STDIN"
INFO: Merged 567846 of 807213 entries.
INFO: Blocking 239367 IP ranges (2779143671 IPs).
Blocklist built.
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing loopback traffic: INPUT OUTPUT ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.53 ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.54 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.53 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.54 ...done.
..Allowing LAN traffic ...
....INPUT from 89.133.104.0/21 ...done.
....OUTPUT to 89.133.104.0/21 ...done.
....FORWARD from 89.133.104.0/21 to 89.133.104.0/21 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2011-11-25 07:10:56 CET End: pglcmd start
2011-11-25 07:11:36 CET Begin: pglcmd stop
Stopping pglcmd.wd ...done.
Warning: sendmail not found.
Check the SENDMAIL setting.
Deleting iptables ...
..Executing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
..Removing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
Iptables deleted.
Stopping pgld ...done.
2011-11-25 07:11:37 CET End: pglcmd stop
2011-11-25 07:15:08 CET Begin: pglcmd reload
pgld is not running, doing nothing.
2011-11-25 07:15:08 CET End: pglcmd reload
2011-11-25 07:15:44 CET Begin: pglcmd update
Automatic blocklist management disabled.
pgld is not running, doing nothing.
2011-11-25 07:15:44 CET End: pglcmd update
2011-11-25 07:16:02 CET Begin: pglcmd stop
Stopping pglcmd.wd ...done.
Deleting iptables ...
Iptables deleted.
Stopping pgld ...done.
2011-11-25 07:16:02 CET End: pglcmd stop
2011-11-25 07:18:14 CET Begin: pglcmd reload
pgld is not running, doing nothing.
2011-11-25 07:18:14 CET End: pglcmd reload
2011-11-25 07:18:24 CET Begin: pglcmd update
Updating blocklists ...
Updating bluetack_ads-trackers-and-bad-pr0n... done.
Extracting bluetack_ads-trackers-and-bad-pr0n, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_ads-trackers-and-bad-pr0n/downloaded/bluetack_ads-trackers-and-bad-pr0n
Extracting bt_ads.txt
Everything is Ok
Size: 122411
Compressed: 36164
done.
Updating bluetack_edu... done.
Extracting bluetack_edu, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_edu/downloaded/bluetack_edu
Extracting bt_edu.txt
Everything is Ok
Size: 2766702
Compressed: 604011
done.
Updating bluetack_level1... done.
Extracting bluetack_level1, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_level1/downloaded/bluetack_level1
Extracting bt_level1.txt
Everything is Ok
Size: 12171493
Compressed: 2686191
done.
Updating bluetack_level2... done.
Extracting bluetack_level2, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_level2/downloaded/bluetack_level2
Extracting bt_level2.txt
Everything is Ok
Size: 4287519
Compressed: 999451
done.
Updating bluetack_spyware... done.
Extracting bluetack_spyware, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_spyware/downloaded/bluetack_spyware
Extracting bt_spyware.txt
Everything is Ok
Size: 147679
Compressed: 41805
done.
Blocklists updated.
pgld is not running, doing nothing.
2011-11-25 07:19:08 CET End: pglcmd update
2011-11-25 07:19:15 CET Begin: pglcmd start
Building blocklist ...
WARN: Invalid ASCII line:
INFO: ASCII: 359613 entries loaded from "STDIN"
INFO: Merged 93428 of 359613 entries.
INFO: Blocking 266185 IP ranges (1318347224 IPs).
Blocklist built.
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing loopback traffic: INPUT OUTPUT ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.53 ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.54 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.53 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.54 ...done.
..Allowing LAN traffic ...
....INPUT from 89.133.104.0/21 ...done.
....OUTPUT to 89.133.104.0/21 ...done.
....FORWARD from 89.133.104.0/21 to 89.133.104.0/21 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2011-11-25 07:19:16 CET End: pglcmd start
2011-11-25 07:20:55 CET Begin: pglcmd update
Updating blocklists ...
Updating bluetack_ads-trackers-and-bad-pr0n... . No update available.
Extracting bluetack_ads-trackers-and-bad-pr0n, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_ads-trackers-and-bad-pr0n/downloaded/bluetack_ads-trackers-and-bad-pr0n
Extracting bt_ads.txt
Everything is Ok
Size: 122411
Compressed: 36164
done.
Updating bluetack_edu... . No update available.
Extracting bluetack_edu, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_edu/downloaded/bluetack_edu
Extracting bt_edu.txt
Everything is Ok
Size: 2766702
Compressed: 604011
done.
Updating bluetack_level1... . No update available.
Extracting bluetack_level1, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_level1/downloaded/bluetack_level1
Extracting bt_level1.txt
Everything is Ok
Size: 12171493
Compressed: 2686191
done.
Updating bluetack_level2... . No update available.
Extracting bluetack_level2, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_level2/downloaded/bluetack_level2
Extracting bt_level2.txt
Everything is Ok
Size: 4287519
Compressed: 999451
done.
Updating bluetack_spyware... . No update available.
Extracting bluetack_spyware, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_spyware/downloaded/bluetack_spyware
Extracting bt_spyware.txt
Everything is Ok
Size: 147679
Compressed: 41805
done.
Blocklists updated.
Building blocklist ...
WARN: Invalid ASCII line:
INFO: ASCII: 359613 entries loaded from "STDIN"
INFO: Merged 93428 of 359613 entries.
INFO: Blocking 266185 IP ranges (1318347224 IPs).
Blocklist built.
Reloading pgld ...done.
2011-11-25 07:21:31 CET End: pglcmd update
pglcmd.wd: pgld is not running!
The watchdog detected that the daemon is not running.
To disable the watchdog set WATCHDOG="0" in /etc/pgl/pglcmd.conf.
Now doing a restart:
* Restarting only PeerGuardian Linux pgld
2011-11-25 07:24:17 CET Begin: pglcmd restart_not_wd
Deleting iptables ...
..Executing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
..Removing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
Iptables deleted.
Stopping pgld/sbin/start-stop-daemon: warning: failed to kill 25168: No such process
...done.
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.53 ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.54 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.53 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.54 ...done.
..Allowing LAN traffic ...
....INPUT from 89.133.104.0/21 ...done.
....OUTPUT to 89.133.104.0/21 ...done.
....FORWARD from 89.133.104.0/21 to 89.133.104.0/21 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2011-11-25 07:24:17 CET End: pglcmd restart_not_wd
...done.
Warning: sendmail not found.
Check the SENDMAIL setting.
* /var/run/pglcmd.wd.pid already exists, not starting pglcmd.wd again
2011-11-25 07:28:47 CET Begin: pglcmd stop
Stopping pglcmd.wd ...done.
Warning: sendmail not found.
Check the SENDMAIL setting.
Deleting iptables ...
..Executing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
..Removing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
Iptables deleted.
Stopping pgld ...done.
2011-11-25 07:28:48 CET End: pglcmd stop
2011-11-25 07:36:29 CET Begin: pglcmd stop
Stopping pglcmd.wd
�[122G[ OK ]
Deleting iptables ...
Iptables deleted.
Stopping pgld
�[122G[ OK ]
2011-11-25 07:36:29 CET End: pglcmd stop
2011-11-25 08:40:00 CET Begin: pglcmd start
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing loopback traffic: INPUT OUTPUT ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.53 ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.54 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.53 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.54 ...done.
..Allowing LAN traffic ...
....INPUT from 89.133.104.0/21 ...done.
....OUTPUT to 89.133.104.0/21 ...done.
....FORWARD from 89.133.104.0/21 to 89.133.104.0/21 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2011-11-25 08:40:01 CET End: pglcmd start
2011-11-25 08:47:07 CET Begin: pglcmd stop
Stopping pglcmd.wd ...done.
Warning: sendmail not found.
Check the SENDMAIL setting.
Deleting iptables ...
..Executing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
..Removing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
Iptables deleted.
Stopping pgld ...done.
2011-11-25 08:47:09 CET End: pglcmd stop
2011-11-25 08:55:36 CET Begin: pglcmd start
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing loopback traffic: INPUT OUTPUT ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.53 ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.54 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.53 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.54 ...done.
..Allowing LAN traffic ...
....INPUT from 89.133.104.0/21 ...done.
....OUTPUT to 89.133.104.0/21 ...done.
....FORWARD from 89.133.104.0/21 to 89.133.104.0/21 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2011-11-25 08:55:37 CET End: pglcmd start
2011-11-25 08:59:22 CET Begin: pglcmd stop
Stopping pglcmd.wd ...done.
Warning: sendmail not found.
Check the SENDMAIL setting.
Deleting iptables ...
..Executing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
..Removing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
Iptables deleted.
Stopping pgld ...done.
2011-11-25 08:59:23 CET End: pglcmd stop
2011-11-25 11:17:13 CET Begin: pglcmd start
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing loopback traffic: INPUT OUTPUT ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.53 ...done.
..Allowing OUTPUT traffic to DNS server 213.46.246.54 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.53 ...done.
..Allowing FORWARD traffic to DNS server 213.46.246.54 ...done.
..Allowing LAN traffic ...
....INPUT from 89.133.104.0/21 ...done.
....OUTPUT to 89.133.104.0/21 ...done.
....FORWARD from 89.133.104.0/21 to 89.133.104.0/21 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2011-11-25 11:17:14 CET End: pglcmd start
Jerriy
November 30th, 2011, 08:17 AM
Workaround for you, make the window a little bigger ;-)That would be a wonderful solution, but only if PGL had Moblock-GUI's superior capacity to (auto)save settings so that one doesn't have to repeat the same adjustments everytime PGL is turned on (* >> by settings I'm mainly referring to windows size and location/position on screen)
.
VcDeveloper
December 20th, 2011, 12:34 PM
Question, I upgraded from MoBlock to PeerGuardian, but I didn't completely remove MoBlock, just un-installed it.
Should it had been completely removed, because the gui looks almost the same and I get a "failed execution message" to check the log files, but I don't see any error messages.
Other than that is work perfectly! In-fact too good! Excellent work!
P.S. Is it safe to start the gui using gksu, because I have to several mods to the allow.p2p file?
VcDeveloper
December 20th, 2011, 12:55 PM
Oh Boy! I should of checked Synaptic before I did the manual install, because I already had it! Argh! How can I safely removed the manually installed pgl without messing up Synaptic pgl files? There's no enabled mark indicating its installed even though I did it manually.
VcDeveloper
December 20th, 2011, 02:07 PM
I got working now, when I used Synaptic it removed MoBlock and added its settings. One other question is can someone tell me if my setting look good and if I need to make some adjustments.
# pglcmd.conf - configuration file for pglcmd
# This file is sourced by a shell script. Any line which starts with a # (hash)
# is a comment and is ignored. If you set the same variable several times,
# then only the last line will be used.
# Refer to pglcmd.defaults (/usr/lib/pgl/pglcmd.defaults)
# for the complete set of possible configuration variables with comments.
# Do a "pglcmd restart" (sometimes even "reload" is enough) when you have
# edited this file.
# Automatically added from /etc/blockcontrol/blockcontrol.conf:
LOG_IPTABLES="LOG --log-level info"
# Automatically added from /etc/blockcontrol/blockcontrol.conf:
WHITE_IP_IN=""
# Automatically added from /etc/blockcontrol/blockcontrol.conf:
WHITE_IP_OUT="8.23.224.121 8.23.224.255 8.23.224.120"
# Automatically added from /etc/blockcontrol/blockcontrol.conf:
WHITE_TCP_IN="22:22"
# Automatically added from /etc/blockcontrol/blockcontrol.conf:
WHITE_TCP_OUT="http https ftp"
# Automatically added from /etc/blockcontrol/blockcontrol.conf:
WHITE_UDP_IN="80:80 443:443 22:22 993:993"
# Automatically added from /etc/blockcontrol/blockcontrol.conf:
WHITE_UDP_OUT="80:80 443:443 22:22 993:993"
Thanks!...
MartijnNL
January 12th, 2012, 04:27 AM
Can pgl be run without the GUI? And if so, why is pgl-gui a dependency of pgld (in the ppa)? I'm running a torrent client on a server without GUI. Of course I could just install it, but it installs some qt dependencies as well. And I prefer to keep my server clean.
Edit: Ah, I found it. It's not a dependency but a recommend. I just have to use the --no-install-recommends option.
jre
January 12th, 2012, 02:37 PM
P.S. Is it safe to start the gui using gksu, because I have to several mods to the allow.p2p file?
You don't need that for the whole app. pgl-gui will prompt when needed for e.g. the gksu password only once per session and then remember the password for further actions that require root rights.
LOG_IPTABLES="LOG --log-level info"
With pgl this is not really necessary anymore. pgld can log to syslog on its own.
WHITE_TCP_IN="22:22"
totally ok, only your ssh daemon is not protected by MoBlock
WHITE_TCP_OUT="http https ftp"
generally ok, but e.g. an evil P2P user may just listen on these ports (instead of the standard P2P ports) and thus circumvent your protection if your P2P app connects to him. He can't connect to you unless you keep these 2 unnecessary whitelistings for IN:
WHITE_UDP_IN="80:80 443:443 22:22 993:993"
unnecessary, remove!
WHITE_UDP_OUT="80:80 443:443 22:22 993:993"
unnecessary, remove!
Can pgl be run without the GUI? And if so, why is pgl-gui a dependency of pgld (in the ppa)? I'm running a torrent client on a server without GUI. Of course I could just install it, but it installs some qt dependencies as well. And I prefer to keep my server clean.
Edit: Ah, I found it. It's not a dependency but a recommend. I just have to use the --no-install-recommends option.
Correct.
nymaar
February 9th, 2012, 11:54 AM
Dear friends,
I am starting to be really desperate about the installation. My distro is 11.10 Ocellot. I follow simple installation procedure:
sudo add-apt-repository ppa:jre-phoenix/ppa
sudo apt-get update
sudo apt-get install moblock blockcontrol mobloquer
I constantly get back errors that "E: Package 'moblock' has no installation candidate" and the same for "blockcontrol" and "mobloquer". (I dont copy / paste from Terminal because I have in my native language - Czech).
I am a total newbie in Linux so do not use "heavy guns" on me, I wouldn't understand. BUT I am not stupid so please help me with it or I will get mad (I really am trying to google it for some time now ...:)
Thanx
Gavin77
February 9th, 2012, 07:30 PM
Moblock is the old version, you should try installing pgl-gui (and it's dependencies). The Oneiric version has been broken ever since it was released but the Natty version works fine.
nymaar
February 9th, 2012, 08:56 PM
Hi! Thanx for a quick answer.
Just an adequate question following .. I tried install pgl-gui (dependancies including) from the Software Center some time ago but the result was in getting some error messages etc when launching it. I also tried this IPLIST by Uljanow with the same result and I hope I didn't spoile something with it.
So as You say the Oneric ver. is broken, You mean the pgl for Oneric OR the Oneric distro of Ubuntu is broken? :)
Also if there is some chance You could send me a link to Natty working version I would appreciate it (i don't know how to compile .deb packages though but I will try if there is no direct install link for terminal :)
The "underground" question is pointed to the pgl creators (with all respect and thanks for their hard work of course) why it is SO difficult to get some info about that. I mean if I simply want to and love to use this great app, why is it so hard to get it alive on a most recent Ubuntu system... this may be rhetoricall question and I mean it with a respect!
Thank You,
o_.
Gavin77
February 10th, 2012, 09:44 AM
When you add the repository for moblock/pgl just change the source from Oneiric to Natty.
In Muon Software Centre, goto Settings - Configure Software Sources
Under Other Software, find the jre-phoenix entry and click edit and change Oneiric to Natty.
Do this before installing pgl. If it's already installed just remove it, reload the package list and install again.
nymaar
February 10th, 2012, 12:59 PM
Oh Gavin77,
thank You much! Now it is as it is supposed to be and all working (up to now) like a charm :) Strange is that You really do not get this info so easy and especially from the official sources:) But never mind.
Anyway I thank You again!
Regards, O_.
jre
February 11th, 2012, 09:59 AM
Hi,
first off, thanks Gavin77, it's great to see that there is some community that does support.
Beginning with oneiric I only offer pgl packages. Today I already strongly recommend to use pgl on all distros, and will probably force the older distros to upgrade to pgl, too. So never install moblock.
Please tell me about the problem with the oneiric version (describe what happens when, post logfiles and the output of "pglcmd status" and "pglcmd test", ...).
The package builds fine, so I thought it was working. This is the first time I heard about that (unless I forgot it).
Generally about support: I still have to work more on replacing "moblock" with "pgl". You may help by spreading the word. E.g. https://help.ubuntu.com/community/MoBlock is freely editable, and creating a nearly identical page for pgl is not too hard. These are just little steps for you, but they will help the whole project.
You may also tell me, where you were directed to using moblock, and where you hoped to find information about pgl, but didn't find it. (Best option is always to directly update outdated information, otherwise comment on that site or contact the site owner to update the information).
Another problem is, that the old peerguardian project is dead and we basically lost our home phoenixlabs.org half a year ago. So you'll find us (or me) at peerguardian.sourceforge.net (peerguardian development).
Other ressources are moblock-deb.sourceforge.net (for Debian packages, similar to my Ubuntu ppa) and the above mentioned wiki. I strongly welcome any help with placing information on these places (preferrably by maintaining peerguardian.sourceforge.net and adding a wiki there, and redirecting there from all other places).
Did I mention I lack time?
nymaar
February 21st, 2012, 08:49 PM
Hi jre,
for the start: I don't know if which You posted is directed to me but if so I am sorry for my late answer. I was more interested in a snb freerides lately and I was quite satisfied with the answer Gavin77 gave to me but now I will try to come back to it and kindly respond.
I will try to answer Your questions from the newbie point of view if You are interested and describe the way I took. I will presume You'll understand I am an Ubuntu (Linux) beginner and You can catch my drift.
First of all: As a Win user and a torrent lover I knew a Peerguardian. I was looking for a Linux substitution and I found this site https://help.ubuntu.com/community/MoBlock (https://help.ubuntu.com/community/MoBlock). I tried Iplist by Uljanov and found out it doesn't work as i expected or I was just not enough skilled to get it running properly on Oneric.
The site also provide some info about moblock and related packages so I tried to install it via PPA and also via Synaptics. The results were the same as I described in my first post here few posts back. The same it was with the links available throughout the "best things to do after installing Oneric" related articles ( e.g. http://*********************.com/2011/07/05/installing-moblock-deb-moblock-nfblock-blockcontrol-and-mobloquer-in-ubuntu-11-04-natty-narwhal/ (http://*********************.com/2011/07/05/installing-moblock-deb-moblock-nfblock-blockcontrol-and-mobloquer-in-ubuntu-11-04-natty-narwhal/)). After that I didn't give up but started to be a little desperate (I admit it might have been just some kind of "blindness" or incapability of finding something useful) and after while I found the site http://moblock-deb.sourceforge.net/index.html (THIS is the place where I really expected to find the information .. which You asked me). Even this site didn't give me much hope because I really don't find it very useful ( I know, now "linux users" will sigh and close the page but ... ) ... but Linux is fortunately starting to be more "user friendly" with all the Ubuntu distros and I think people like You have been trying to follow the stream and do things adequately "user friendly".
So "what happens when" is not my case... I couldn't simply find any working SIMPLE (please don't kill me for that) solution or a link to install properly MoBlock or PGL either via PPL or Synaptics until Gavin77 had directed me to this https://launchpad.net/~jre-phoenix/+archive/ppa/+build/2790886 (https://launchpad.net/%7Ejre-phoenix/+archive/ppa/+build/2790886) link which now works perfectly but is for Natty distro (I don't actually care but the thing is I was lucky to get a proper answer.). But anyway ... MoBlock is probably the thing I have installed now (or maybe not, I just followed Gavin77's advice and I can't recognize what is the version now:) I just know I have Mobloquer graph. interface installed which tells me "MoBlock is up and running".
I can't even give You logfiles because when I installled via PPA I got the terminal mesaages in Czech language which is my system language but it was as I wrote before: something about "Oneric has no installation candidate"...
So, sorry for my bad English and I hope I gave You some feedback. Finally I must say I admire Your work (free) very much and I hope I didn't offend You with something. Please let me know if there is something I could explain or do more.
Regards, Ondrej
Did I mention I lack the time either? :) Never mind. You do great job. I am just an user :)
uncleBez
February 28th, 2012, 01:18 AM
Not really sure how to go about this, or what information beyond what I supply here would be useful, feel free to tell me.
I'm not at the offending machine right now, so can get more info later if necessary.
However while running peerguardian on ubuntu 11.10 and while a couple of torrents are connected. After about 10 mins of having peerguardian running, browsing of websites becomes impossibly slow, if not stopped.
I have read snippets on how to determine what block file blocks what ip address etc, but that doesn't seem to be the issue here, since I was able to browse fine for around 10 mins and then not browse anything.
After stopping peerguardian usually a few seconds to a minute after stopping it browsing becomes possible again (it may be the torrents, but I stop those before stopping peerguardian).
Any tips on how one might diagnose such an issue?
Gavin77
February 28th, 2012, 09:12 AM
Assuming you have pgl-gui installed, click on the configure tab then on the right under whitelist click the green plus sign. Fill out the box like my attachment picture and you should be OK to go.
Since you're using 11.10 you might find it useful to read the previous few pages here as to why I'm using the 11.04 (Natty) version on 11.10. On Oneiric if you reload the lists it disables itself so if you have pgl running when it updates daily you'll find it istn't running afterwards.
Saying that, nobody else has confirmed or denied my problem but I've tried it on a newly installed system with the same results.
SirLafsalot
February 29th, 2012, 02:53 PM
Gavin77 said:
nobody else has confirmed or denied my problemI can confirm your problem. I run two systems, one with Ubuntu 11.10 (Oneiric) and one with Linux Mint 12, which is based upon Ubuntu 11.10 (Oneiric). Both do exactly as you describe.
Plus, whenever I open pgl-gui, I get the warning shown in the attached image.
I checked the two log files, as directed, and found the following:
From pglcmd.log:
2012-02-29 07:19:38 EST Begin: pglcmd update
Updating blocklists ...
Updating bluetack_dshield... . No update available.
Extracting bluetack_dshield, detected 7z...
7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18
p7zip Version 9.20 (locale=C,Utf16=off,HugeFiles=on,2 CPUs)
Processing archive: /var/spool/pgl/bluetack_dshield/downloaded/bluetack_dshield
Extracting bt_dshield.txt
Everything is Ok
Size: 6927
Compressed: 1728
done.
Blocklists updated.
Building blocklist ...
WARN: Invalid ASCII line:
INFO: ASCII: 120 entries loaded from "STDIN"
INFO: Merged 10 of 120 entries.
INFO: Blocking 110 IP ranges (5220 IPs).
Blocklist built.
Reloading pgld ...done.
2012-02-29 07:19:44 EST End: pglcmd update
pglcmd.wd: pgld is not running!
The watchdog detected that the daemon is not running.
To disable the watchdog set WATCHDOG="0" in /etc/pgl/pglcmd.conf.
Now doing a restart:
* Restarting only PeerGuardian Linux pgldFrom pgld.log:
Feb 29 07:19:44 INFO: Closing logfile: /var/log/pgl/pgld.log
Feb 29 07:19:44 INFO: Reopened logfile: /var/log/pgl/pgld.log
Feb 29 07:19:44 WARN: pgld dbus is already initialized.
Feb 29 07:19:44 ERROR: Cannot initialize D-Bus
Feb 29 07:23:54 INFO: Connected to dbus system bus.
Feb 29 07:23:54 INFO: Started.
Feb 29 07:23:54 INFO: ASCII: 110 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Feb 29 07:23:54 INFO: Blocking 110 IP ranges (5220 IPs).
Feb 29 07:23:54 INFO: NFQUEUE: binding to queue 92
Feb 29 07:23:54 INFO: ACCEPT mark: 20
Feb 29 07:23:54 INFO: REJECT mark: 10This occurred after I deleted all downloaded blocklists and set pgl-gui to only load the bluetack_dshield list as a test. I originally got the warning in the attached image when I first installed pgl with the default list selection, so I went through three tests, loading only one list (as shown), two lists and three. Every time, I got the same warning in the attached image, the same "WARN: Invalid ASCII line:" error, and the log files looked very similar to what I have shown here.
I am going to remove pgl, try changing the repository to "Natty", as suggested, reinstall pgl, and see what happens. <<Time passes>> Okay, I did that and got the following from pglcmd.log (not including all of the download and extract messages):
done.
WARN: Invalid ASCII line:
INFO: ASCII: 791177 entries loaded from "STDIN"
INFO: Merged 573455 of 791177 entries.
INFO: Blocking 217722 IP ranges (2800039871 IPs).
Blocklist built.
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule [ OK ]
....Whitelisting IP ranges [ OK ]
....Inserting block rule [ OK ]
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule [ OK ]
....Whitelisting IP ranges [ OK ]
....Inserting block rule [ OK ]
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule [ OK ]
....Inserting block rule [ OK ]
..Allowing loopback traffic: INPUT OUTPUT [ OK ]
..Allowing OUTPUT traffic to DNS server 192.168.1.1 [ OK ]
..Allowing FORWARD traffic to DNS server 192.168.1.1 [ OK ]
..Allowing LAN traffic ...
....INPUT from 192.168.1.0/24 [ OK ]
....OUTPUT to 192.168.1.0/24 [ OK ]
....FORWARD from 192.168.1.0/24 to 192.168.1.0/24 [ OK ]
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld [ OK ]
Starting pglcmd.wd [ OK ]
2012-02-29 13:12:39 EST End: pglcmd startAnd this from pgld.log:
Feb 29 13:12:39 INFO: Connected to dbus system bus.
Feb 29 13:12:39 INFO: Started.
Feb 29 13:12:39 INFO: ASCII: 217722 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Feb 29 13:12:39 INFO: Blocking 217722 IP ranges (2800039871 IPs).
Feb 29 13:12:39 INFO: NFQUEUE: binding to queue 92
Feb 29 13:12:39 INFO: ACCEPT mark: 20
Feb 29 13:12:39 INFO: REJECT mark: 10As you can see, I still got the "WARN: Invalid ASCII line:" in the log file during the installation. When I opened pgl-gui, I again got the warning in the attached image. So far, I have tried an Update, a Reload, and a Restart, all of which worked without disabling pgl. But, I did get the following log entry in pglcmd.log:
2012-02-29 13:20:20 EST Begin: pglcmd restart
Stopping pglcmd.wd ...done.
Emailing stats ...done.
Deleting iptables ...
Please install an MTA on this system if you want to use sendmail!
..Executing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
..Removing iptables remove script /var/lib/pgl/.pglcmd.iptables.remove.sh ...done.
Iptables deleted.
Stopping pgld ...done.
Inserting iptables ...
..Setting up iptables for INPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for OUTPUT:
....Creating chain and inserting NFQUEUE rule ...done.
....Whitelisting ports ...done.
....Whitelisting IP ranges ...done.
....Inserting block rule ...done.
..Setting up iptables for FORWARD:
....Creating chain and inserting NFQUEUE rule ...done.
....Inserting block rule ...done.
..Allowing loopback traffic: INPUT OUTPUT ...done.
..Allowing OUTPUT traffic to DNS server 192.168.1.1 ...done.
..Allowing FORWARD traffic to DNS server 192.168.1.1 ...done.
..Allowing LAN traffic ...
....INPUT from 192.168.1.0/24 ...done.
....OUTPUT to 192.168.1.0/24 ...done.
....FORWARD from 192.168.1.0/24 to 192.168.1.0/24 ...done.
..LAN traffic allowed.
..Activating chains:
....INPUT
....OUTPUT
....FORWARD
..Chains activated.
Iptables inserted.
Starting pgld ...done.
Starting pglcmd.wd ...done.
2012-02-29 13:20:21 EST End: pglcmd restartNo, I do not have an MTA installed (that I know of), which is new to the log entry here, but did show up during my original tests of loading one, two and three of the blocklists.
I apologize if anyone objects to this very long message. I cannot make heads or tails out of what is going on, but figured I would post all of this in case it might help someone else to figure it out. Cheers!
masuch
March 1st, 2012, 04:31 PM
Hi,
I have a problem to start pgld on oneiric - part of pglcmd.log:
...
WARN: Invalid ASCII line:
...
Whitelisting portsiptables v1.4.10: invalid port/service `ssl' specified
...
Could you please help me what should i setup for port/service ssl ?
thank you,
kind regards,
M.
Gavin77
March 1st, 2012, 09:29 PM
I just installed Kubuntu Precise (12.04) Beta 1 and PGL has the exact same problem as on Oneiric, it disables itself after an update/reload. I'm again using the Natty PGL without any problem.
Gavin77
March 1st, 2012, 09:31 PM
Hi,
I have a problem to start pgld on oneiric - part of pglcmd.log:
...
WARN: Invalid ASCII line:
...
Whitelisting portsiptables v1.4.10: invalid port/service `ssl' specified
...
Could you please help me what should i setup for port/service ssl ?
thank you,
kind regards,
M.
You need to whitelist port 443.
masuch
March 2nd, 2012, 11:58 AM
You need to whitelist port 443.
This is what I do not know what I am doing wrong ?
I have had in pglcmd.conf file:
WHITE_TCP_OUT="http https ftp ssl ssh"
So, I thought that ssl is allowed but after pgld restart I have got the error message which I reported.
What did I miss/mess ?
Thank you for any clue.
M.
P.S. By removing ssl from config make it works but it is not probably the right solution.
masuch
March 2nd, 2012, 12:00 PM
I just installed Kubuntu Precise (12.04) Beta 1 and PGL has the exact same problem as on Oneiric, it disables itself after an update/reload. I'm again using the Natty PGL without any problem.
I have got the same error message when I removed and install natty version. So I am back in oneiric version for now.
Gavin77
March 2nd, 2012, 12:41 PM
Remove ssl from your whitelist, you have https there already.
If you need a list of valid port numbers try https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
masuch
March 2nd, 2012, 04:06 PM
Remove ssl from your whitelist, you have https there already.
If you need a list of valid port numbers try https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Thanks to confirm.
That was exactly what was bothering me - https was/is already there so why ssl ? I thought that ssl has some special (different to https) meaning ?
I have a another question if you can please help me:
I put to pglcmd.conf following:
WHITE_TCP_IN="80 443 22 5900"
My idea is to let some services to be accessible to my local network.
web server port 80 , web server with ssl port 443,
ssh/sshfs port 22 , vncviewer port 5900
is this all what I have to do to let its be accessible on local network or do I need to do some more configurations ?
Thannks for help,
Regards,
M.
Gavin77
March 2nd, 2012, 06:19 PM
Sorry, I don't know as I'm not an expert on these things.
Hopefully jre can help if he's still around.
uncleBez
March 3rd, 2012, 06:53 AM
Assuming you have pgl-gui installed, click on the configure tab then on the right under whitelist click the green plus sign. Fill out the box like my attachment picture and you should be OK to go.
Thanks Gavin77 for your resonse.
I have port 80 and 443 whitelisted for outgoing, witht the gui showing the same configuration as your screenshot. Which is exactly why I am
stumped as to why my browsing fails around 5 to 10 minutes after activating pgl. I find the 5 - 10 min lag rather odd.. To me, if the ip and or port is blocked, then it's blocked.. it should fail straight away.
???
Saying that, nobody else has confirmed or denied my problem but I've tried it on a newly installed system with the same results.
I've been starting it manually anyway, so that shouldn't be an issue for me.. should it?
uncleBez
March 3rd, 2012, 07:05 AM
I'm trying out the natty version. Worth a shot. Thanks for the tip.
masuch
March 3rd, 2012, 10:01 AM
Hi,
I am using i2p for long time.
After have installed peerguradian from ubuntu oneric repository I could not figure out how to configure pglcmd.conf for i2p ?
I have two problems:
1. Configure UDP ports for Tor:
I did the following:
WHITE_UDP_OUT="123 26719"
WHITE_UDP_IN="123 26719"
i2p has following config:
i2np.udp.port=26719
2. configure opera browser to use i2p proxy 4444.
WHITE_TCP_OUT="http https 4444"
Could anybody please help what am I missing/doing wrong ?
Thank you very much for any help,
Kind Regards,
M.
masuch
March 6th, 2012, 07:49 AM
Hi,
I am using i2p for long time.
After have installed peerguradian from ubuntu oneric repository I could not figure out how to configure pglcmd.conf for i2p ?
I have two problems:
1. Configure UDP ports for Tor:
I did the following:
WHITE_UDP_OUT="123 26719"
WHITE_UDP_IN="123 26719"
i2p has following config:
i2np.udp.port=26719
2. configure opera browser to use i2p proxy 4444.
WHITE_TCP_OUT="http https 4444"
Could anybody please help what am I missing/doing wrong ?
Thank you very much for any help,
Kind Regards,
M.
solved by opened additional udp in/out ports according to i2p port manual
masuch
March 6th, 2012, 07:53 AM
Thanks to confirm.
That was exactly what was bothering me - https was/is already there so why ssl ? I thought that ssl has some special (different to https) meaning ?
I have a another question if you can please help me:
I put to pglcmd.conf following:
WHITE_TCP_IN="80 443 22 5900"
My idea is to let some services to be accessible to my local network.
web server port 80 , web server with ssl port 443,
ssh/sshfs port 22 , vncviewer port 5900
is this all what I have to do to let its be accessible on local network or do I need to do some more configurations ?
Thannks for help,
Regards,
M.
solved by putting them into
WHITE_IP_IN and WHITE_IP_OUT
masuch
March 6th, 2012, 07:56 AM
Hi,
I did not figure out how to allow outgoing ICMP messages ?
I did not find command in documentation like:
WHITE_ICMP_OUT="ip address ranges"
Could anybody please help how to manage it ?
thank you,
regards,
M.
kosajaffe
March 23rd, 2012, 02:50 PM
Is it a good or a bad idea to white list 127.0.1.1 in pgl? Does this make my system vulnerable or not? I was trying to connect to a compilation daemon on my system which was being blocked by pgl. Got "Connection Refused" error... Now I can use the daemon but I'm not sure if white-listing was a good idea...
jre
March 30th, 2012, 02:51 PM
First off, seems I didn't have a look at this forum here for quite a time - sorry. And special thanks to Gavin77 for helping here!
After much work (real life) in the past weeks, I'll be in holidays most time of April. Prepare to see me again in May.
As some may have noticed, phoenixlabs.org doesn't exist any more. But pgl is still developed by me (jre-I-have-real-life-time-constraints), other old and new developers. Everyone who wants to contribute can contact me and can commit to the git repository at peerguardian.sourceforge.net. This way, I am sure that we keep pgl alive.
We will probably make a release before my holidays:
- fixing the "empty" warning on startup
- containing a new build system. If we are lucky this will fix the oneiric/precise problems. Please give me immediate feedback then, otherwise I will disable these dists to force everybody to use the working natty binaries (thanks again Gavin77).
jre
March 30th, 2012, 02:51 PM
Is it a good or a bad idea to white list 127.0.1.1 in pgl? Does this make my system vulnerable or not? I was trying to connect to a compilation daemon on my system which was being blocked by pgl. Got "Connection Refused" error... Now I can use the daemon but I'm not sure if white-listing was a good idea...
No problem, just do that.
jre
March 30th, 2012, 02:56 PM
Hi,
I did not figure out how to allow outgoing ICMP messages ?
I did not find command in documentation like:
WHITE_ICMP_OUT="ip address ranges"
Could anybody please help how to manage it ?
thank you,
regards,
M.
Add a file /etc/pgl/iptables-custom-insert.sh with lines like this
iptables -I pgl_out -p icmp -d 123.123.123.123 -j RETURN
This example allows outgoing icmp packets to the IP 123.123.123.123
To apply the change do a "pglcmd restart" or a "sudo iptables ..."
jre
March 30th, 2012, 03:04 PM
I have port 80 and 443 whitelisted for outgoing, witht the gui showing the same configuration as your screenshot. Which is exactly why I am stumped as to why my browsing fails around 5 to 10 minutes after activating pgl. I find the 5 - 10 min lag rather odd.. To me, if the ip and or port is blocked, then it's blocked.. it should fail straight away.
???
Correct. For me it sounds as if pgld is acting too slow and the buffer is filling up. For a similar problem the following commands in the terminal to increase the default receive/send window did help:
sysctl -w net.core.rmem_default=8388608
sysctl -w net.core.wmem_default=8388608
I've been starting it manually anyway, so that shouldn't be an issue for me.. should it?[/QUOTE]
No, shouldn't make any difference.
EDIT: Err, sorry if I missed something you already posted. Does this also happen after you restarted pgl? Perhaps you are just hit pgld crashed (the oneiric/precise) problem. Then traffic is sent to nirvana, until pgld gets restarted by pglcmd.wd.
jre
March 30th, 2012, 03:12 PM
Thanks to confirm.
That was exactly what was bothering me - https was/is already there so why ssl ? I thought that ssl has some special (different to https) meaning ?
I have a another question if you can please help me:
I put to pglcmd.conf following:
WHITE_TCP_IN="80 443 22 5900"
My idea is to let some services to be accessible to my local network.
web server port 80 , web server with ssl port 443,
ssh/sshfs port 22 , vncviewer port 5900
is this all what I have to do to let its be accessible on local network or do I need to do some more configurations ?
Depends on the services that you are running on your machine and want to be available on the net. But If you want them to be accessible on your local network only, I recommend to use IP whitelisting instead of prot whitelisting (port whitelisting opens that port for everybody, so it is a security risk).
Your whole LAN should already be whitelisted automatically, if not add it either to /etc/pgl/allow.p2p
My LAN:192.168.0.0-192.168.0.255
or to /etc/pgl/pglcmd.conf
WHITE_IP_IN="192.168.0.0/24"
(Above is an example, you have to use your real IPs of course. Check the IP after "inet" of your network interface (e.g. wlan0) in the output of "inet addr" to learn your IPs.
jre
March 30th, 2012, 03:20 PM
Plus, whenever I open pgl-gui, I get the warning shown in the attached image.
This will probably be fixed in the next releasse. That should happen if on your system "which" is not installed.
Every time, I got the same warning in the attached image, the same "WARN: Invalid ASCII line:" error, and the log files looked very similar to what I have shown here.
Don't worry about that (TM), just a malformed line in the blocklist which was detected by pgl.
No, I do not have an MTA installed (that I know of), which is new to the log entry here, but did show up during my original tests of loading one, two and three of the blocklists.
Doesn't matter, that's just to send statistics and error reports. If you don't have a MTA installed you can disable all this reporting by setting in /etc/pgl/pglcmd.conf
CRON_MAILTO=""
STATS_MAILTO=""
WD_MAILTO=""
jre
March 30th, 2012, 03:30 PM
So, that's for me catching up with all unanswered posts. If there are questions open, please ask again.
The current main problem seems to be the non-working binaries from oneiric/precise, which cause pgld to crash on every reload (which happens e.g. after the automatic daily blocklist update). The pglcmd.wd fixes this after maximum 5 minutes. Check the mails that are sent to root (unless you configured something else), if you want to know if you are hit by this bug, you will see mails with a subject "pglcmd.wd restarted pgld" next to the daily "Results of pglcmd blocklist update".
I have (at least a little) hope that the new build system (already in the git repository at sourceforge) fixes this, if not use the natty packages.
father_ted
April 3rd, 2012, 12:30 PM
linux gui says i have 4294967295 ip adresses blocked - which seems a bit harsh
Apr 3 17:28:32 INFO: Connected to dbus system bus.
Apr 3 17:28:32 INFO: Started.
Apr 3 17:28:32 INFO: ASCII: 1 entries loaded from "/var/lib/pgl/master_blocklist.p2p"
Apr 3 17:28:32 INFO: Blocking 1 IP ranges (4294967295 IPs).
Apr 3 17:28:32 INFO: NFQUEUE: binding to queue 92
Apr 3 17:28:32 INFO: ACCEPT mark: 20
Apr 3 17:28:32 INFO: REJECT mark: 10
tried reloading and updating lists. no joy.
father_ted
April 3rd, 2012, 12:42 PM
stopped pgld
removed spamhaus drop list.
update lists
restart
it seems blocking the entire Internet stopped the update process. updating with shields down worked.
all is well again.
David006
May 14th, 2012, 09:33 PM
.. If there are questions open, please ask again.
The current main problem seems to be the non-working binaries from oneiric/precise, which cause pgld to crash on every reload ..
Just to clarify ..
Should I just use Natty version on 11.10 (Oneiric) or 12.04 LTS (Precise)?
jre
May 15th, 2012, 05:31 PM
I have no reports for 12.04 (Precise), yet. So probably try the precise packages first and check the first few days the /var/log/pgl/pglcmd.log and your local mail to root for entries from the watchdog (pglcmd.wd). If there aren't any you are fine, but if you see something you should try the natty version.
For 11.10 (Oneiric) you should use the natty version. But verifying it works (like above) would be good anyway.
I hope the issue is fixed in the upcoming 2.1.4. There are some changes which might be related.
Gavin77
May 15th, 2012, 05:46 PM
I have no reports for 12.04 (Precise), yet.
I thought I'd already posted that it was the same on Precise as on Oneiric, it still turns itself off. I'm still using the Natty version without problem.
jre
May 18th, 2012, 03:02 PM
You are right, i forgot that over my holidays ;-)
So allOneiric and Precise users should use the natty sources.list entry until the next update (2.2.0)
vBulletin® v3.8.7, Copyright ©2000-2012, vBulletin Solutions, Inc.