should be;Code:WHITE_TCP_OUT=""
but it does not seem to work, port whitelisting seems to be broken. I wish moblock in the log displayed the port that an IP was blocked on.....Code:WHITE_TCP_OUT="80 443"
should be;Code:WHITE_TCP_OUT=""
but it does not seem to work, port whitelisting seems to be broken. I wish moblock in the log displayed the port that an IP was blocked on.....Code:WHITE_TCP_OUT="80 443"
I'm a big time linux newb --- however I thought I'd share my experience with moblock on gutsy. The instant I installed the ipq package, i was blocked from grabbing the npq package --
it seems that the lists used over at bluetack use blanket-blocking.
or perhaps there are moles submitting ip ranges at bluetack to make the use of such blockers more troublesome than they should be
Anyone have a list that isn't so massive - perhaps anti-p2p folks are lurking on every possible server out there
viva la resistance!
Ron Paul for president!
First off, please post your settings and logs only in CODE tags, that makes reading your posts much easier!
moblock.conf and moblock-control.log look fine so far. Did everything work before the updates of last weekend?
I'm really confused about the reports that whitelisting does not work. I've already received reports saying that everything works.
So for people with problems: Please post "moblock-control status" and verify in /var/log/moblock.log that the IPs were really blocked by MoBlock. Finally always tell your moblock version.
@deviant420, can't be that you are blocked from installing moblock-nfq. Try again.
Have a look at /usr/share/doc/moblock-nfq/README.blocklists.gz to learn more about available blocklists. The level1 list is the most popular one. If You change blocklists remember to configure the right blocklist format, too.
Please post your logfiles and output of commands wrapped in code tags:Co-author of PeerGuardian Linux (pgl). Maintainer of the pgl package repositories for Debian and Ubuntu.Code:[code]output[/code]
If you are still having problems with connecting to the internet, try the following in this order:
1. Whitelist your subnet (i.e. ignore blocklist for internal networking)
What is your IP address and corresponding subnet? Check using ifconfig. If your IP address is 192.168.1.118, then you want to whitelist everything on 192.168.1.0/24 in
/etc/moblock/moblock.conf
WHITE_IP_OUT="192.168.1.0/24"
Don't forget sudo moblock-control restart
2. If you still encounter issues, you may whitelist all http and https services (i.e. ignore blocklist for http and https)
WHITE_TCP_OUT="http https"
I found that WHITE_TCP_OUT="80 443 1000:1024" did not work for me.
Don't forget sudo moblock-control restart
Good luck. Let us know if this helps you (or hit the 'thanks' icon on the bottom right). Thx.
Last edited by kacheng; December 27th, 2007 at 12:36 PM.
I had an issue with the upgrade, and fortunately running the above steps was able to resolve it.
However, (assuming some developers for moblock are reading this) since I run moblock on a headless system running this reinstall becomes a pain because it blocks communication with my local network. (Since I have to effectively blow away my configuration file) This forces me to haul out a monitor to plug into my system so I can log on locally and fix this issue.
A bit frustrating that this happens what seems to be every time an upgrade comes out.
I'm unsure what was so broken about 0.8-36, but 0.8-39 fixed all my problems!
Thanks!
I'm the developer of the debian packages/moblock-control. So all changes (good and bad) in 0.8-xy are from me.
First, I try to change the conf files as seldom as possible. But if there is an improvement to be done or even an bug to be fixed (as in 0.8-33 - 0.8-39) then I think it's better to change it.
Second, if you install via SSH you already have a connection. Since MoBlock only blocks NEW connections this connection won't be blocked. So if you update and edit the moblock.conf during the same session everything should go well. (This is theory, I'm on an Desktop with Monitor)
/usr/share/doc/moblock-nfq/changelog.Debian.gz tells the story
greets
jre
Please post your logfiles and output of commands wrapped in code tags:Co-author of PeerGuardian Linux (pgl). Maintainer of the pgl package repositories for Debian and Ubuntu.Code:[code]output[/code]
I don't know if this has been covered before but I did search the forums and skim over some of the recent posts.....
I had a few problems getting firestarter to play nice with moblock.... so a little iptables work and.... i think its working now. Its my first post (yes im so n00b) and please be gentle
well i ran a
and saw that moblock was way at the bottom of the table. that didnt seem right so a few little commands to move thingsCode:iptables -L INPUT
of course i have no idea if this has been covered... or if this really leaves firestarter fully functional at the same time. i did check to make sure that moblock was loggin hits by doing "tail -f /var/log/moblock.log"Code:# remove moblock_in jump from INPUT table iptables -D INPUT -p all -m state --state NEW -j moblock_in # add moblock_in jump from INPUT table iptables -I INPUT -p all -m state --state NEW -j moblock_in # remove moblock_in jump from OUTPUT table iptables -D OUTPUT -p all -m state --state NEW -j moblock_out # add moblock_in jump from OUTPUT table iptables -I OUTPUT -p all -m state --state NEW -j moblock_out # remove moblock_in jump from FORWARD table iptables -D FORWARD -p all -m state --state NEW -j moblock_fw # add moblock_in jump from FORWARD table iptables -I FORWARD -p all -m state --state NEW -j moblock_fw
Well its nap time. I hope this helps someone
Please don´t be offended, but, lol, you did absolutely the wrong thing
What you did is good to get MoBlock working but you completely ruined firestarter. There´s no known way to use both of these programs (there´s only a solution for firehol and MoBlock known)
Let me explain: MoBlock 0.8 either ACCEPTs or DROPs packets. This means as soon as any traffic is sent to MoBlock it will leave iptables - it will not be checked by any following rule - and since you put MoBlock on the first place ...
This problem will be solved in MoBlock 0.9
greets
jre
Please post your logfiles and output of commands wrapped in code tags:Co-author of PeerGuardian Linux (pgl). Maintainer of the pgl package repositories for Debian and Ubuntu.Code:[code]output[/code]
Bookmarks