Re: General MoBlock thread
Hey!
I've a problem with moblock: it worked quiet good for a while till i installed it inside a vm. the vm is connected to the network over NAT.
The Problem now is: DNS Resolution is broken, when i activate moblock it stops working, when i stop it it works again...
i tried to reconfigure it with dpkg-reconfigure moblock, but nothing happens?
The moblock-config status:
Code:
alm@defiant:~$ sudo moblock-control status
Current iptables rules (this may take awhile):
Chain INPUT (policy ACCEPT 551K packets, 179M bytes)
pkts bytes target prot opt in out source destination
0 0 moblock_in all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW MARK match !0x14
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 moblock_fw all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW MARK match !0x14
Chain OUTPUT (policy ACCEPT 909K packets, 1154M bytes)
pkts bytes target prot opt in out source destination
3 180 moblock_out all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW MARK match !0x14
Chain moblock_fw (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 MARK match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain moblock_in (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 MARK match 0xa
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
Chain moblock_out (1 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 MARK match 0xa reject-with icmp-port-unreachable
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
3 180 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 92
i did not whitelist lan traffic, but this wasn't a problem in the previous installation...
I'd really appreciate the help,
semteX
Re: General MoBlock thread
Do a "tail -f /var/log/moblock.log" to follow live the logfile. Then you see which IPs get blocked and therefore cause your problems. whitelist them or add them to your allow.p2p.
I'm quite sure that this is a problem with a blocked LAN.
Re: General MoBlock thread
thanks, will try this in a sec...
what's the command to rerun the moblock config menu? i thought it was dpkg-reconfigure but I was quiet wrong with that guess...
add: whitelisted the whole LAN, works like a charm, thanks!
Re: General MoBlock thread
Quote:
Originally Posted by
semteXKG
what's the command to rerun the moblock config menu? i thought it was dpkg-reconfigure but I was quiet wrong with that guess...
I've split the packages: moblock (the daemon from moblock.berlios.de) and moblock-control (everything else), so it is:
Code:
dpkg-reconfigure moblock-control
Glad to hear it's working now!
Re: General MoBlock thread
Hi,
I couldn't find any post for the problem I am facing.
Everytime I run the update manager it downloads few moblock files but update does happen. I am getting the following error message: "Could not dowload all repository indexes" and the following description of the problem:
"GPG error: http://moblock-deb.sourceforge.net hardy Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY CB53C4079072870BFailed to fetch http://blognux.free.fr/debian/dists/...86/Packages.gz 404 Not Found
Some index files failed to download, they have been ignored, or old ones used instead."
As I am not a Lnux would anyone knows hot to get it fixed? I would really appreciate if the explanation is in a "for Dummies" way. :-)
Thanks a lot!
Re: General MoBlock thread
@jre
Do you know any script to merge IP ranges?
I already have a nice script that download lists from several sources, extract compressed files and cat them into a few different lists, but there is one list that I need to merge, because it's not working on Deluge's blocklist plugin with just appended ranges.
I know moblock can download, extract and "cat" the ranges, but I'm using a different approach with it. I've created different compilation lists that I use depending on what I'm doing and if there are ports open or not. For example, if I'm just browsing the web I use my custom "web browsing" list which is more forgiven. If I'm using p2p and thus have a port open I use a more restrictive list, the same goes for games and other stuff. This way, is very easy to enable/disable a single list on mobloquer instead of several lists each time my activity requires a different level of protection. So I have like 4 lists with different levels of protection in mobloquer's blocklist sources.
The way I'm doing I can update all lists, including those not supported by moblock, and "cat" them with a single command. Would be nice if I could merge them, so I don't have to open TinyBLM on Wine to do this (this command-line thing is making me a little bit lazy these days :-))
Re: General MoBlock thread
Quote:
Originally Posted by
GPizza
"GPG error:
http://moblock-deb.sourceforge.net hardy
Release: The following signatures couldn't be verified because the public key is not available:
NO_PUBKEY CB53C407
9072870B
This is just a warning, but not an error. You get all needed files of moblock-deb.sourceforge.net - but you can't verify them (so you can't be sure if you really get my packages or if someone bad is faking them). The installation of MoBlock will work anyway.
To verify you have to add my GPG key. Do the following in the terminal:
Code:
gpg --keyserver wwwkeys.eu.pgp.net --recv 9072870B
gpg --export --armor 9072870B | sudo apt-key add -
Quote:
Originally Posted by
GPizza
This is an entry not related to MoBlock. Either you messed it up when you added this entry to your /etc/apt/sources.list or the remote site changed. So you have to check this.
Re: General MoBlock thread
Quote:
Originally Posted by
lovinglinux
Do you know any script to merge IP ranges?
I already have a nice script that download lists from several sources, extract compressed files and cat them into a few different lists, but there is one list that I need to merge, because it's not working on Deluge's blocklist plugin with just appended ranges.
General: I think merging is too much for doing it with an script, but calling some application from within a script should be good, too:
Obviously you already know BLM (BTW, where do you get it, I haven't found it on bluetack). Can't you use it from the command line?
I know of a guy who is working on a command line merging tool, but there's nothing available, yet.
You can try the old peerguardnf (old PG Linux, development is discontinued), which has a list merging feature. You can download it from https://sourceforge.net/projects/peerguardian.
Use it with:
Code:
cat LIST1 LIST2 ... | peerguardnf -f merged.p2p
Perhaps you can also use the merge feature from iblocklist.com (for VIP members only). But I don't know if this works for you.
Re: General MoBlock thread
You can also use iplist to merge/convert lists by invoking it like
Code:
iplist --output=merged.p2p.gz --output-fmt=p2p list1.p2p list2.dat list2.p2p.gz ...
Re: General MoBlock thread
Quote:
Originally Posted by
jre
General: I think merging is too much for doing it with an script, but calling some application from within a script should be good, too:
Yep, this is what I want.
Quote:
Originally Posted by
jre
Obviously you already know BLM (BTW, where do you get it, I haven't found it on bluetack).
BLM does not play well with Wine. I get TinyBLM form here and BLM form here.
Quote:
Originally Posted by
jre
Can't you use it from the command line?
I don't know. Is it possible to use command line to invoke an application with Wine?
Quote:
Originally Posted by
jre
I know of a guy who is working on a command line merging tool, but there's nothing available, yet.
Please let me know when available. I would like to test it.
Quote:
Originally Posted by
jre
You can try the old peerguardnf (old PG Linux, development is discontinued), which has a list merging feature. You can download it from
https://sourceforge.net/projects/peerguardian.
Use it with:
Code:
cat LIST1 LIST2 ... | peerguardnf -f merged.p2p
This could be a solution. Is there any incompatibility with moblock?
EDIT: AWESOME. It works like a charm and it is much faster than TinyBLM. It produces more merged lines, since it doesn't merge several consecutive ranges with different descriptions like Tiny BLM, but the speed and the command-line control are much more important. Thank you very much. Just to be sure, if I don't send any other command to peerguardian it won't be loaded and won't mess with my iptables right?
Quote:
Originally Posted by
jre
Perhaps you can also use the merge feature from iblocklist.com (for VIP members only). But I don't know if this works for you.
I'm contributing with new ranges, but I still don't have a VIP account. I guess I will get one soon, but I don't think it would be possible to make the process automatic.
Thank you very much for your help.
Quote:
Originally Posted by
uljanow
You can also use iplist to merge/convert lists by invoking it like
Code:
iplist --output=merged.p2p.gz --output-fmt=p2p list1.p2p list2.dat list2.p2p.gz ...
Thanks for the tip. Unfortunately, you can't install iplist and moblock at the same time.