Hi JRE, All,
I have been running Moblock for a while on Linux Mint Daryna but new distro Mint Elyssa (Hardy based) = new problems.
I use Firestarter as firewall.
I installed Moblock and it worked straight out of the box. For a while. I had to adjust moblock.conf and used the same settings as before.
Then moblock did not want to start at all anymore.
Status:
Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 192.168.0.1 0.0.0.0/0 tcp flags:!0x17/0x02
35 7185 ACCEPT udp -- * * 192.168.0.1 0.0.0.0/0
60 2520 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0 limit: avg 1/sec burst 5
0 0 LSI udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:33434
0 0 LSI icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- eth0 * 0.0.0.0/0 255.255.255.255
10 2505 DROP all -- * * 0.0.0.0/0 192.168.0.255
0 0 DROP all -- * * 224.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 224.0.0.0/8
0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
0 0 LSI all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5
602 522K INBOUND all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 LOG_FILTER all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Input'
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0 limit: avg 1/sec burst 5
0 0 LSI udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:33434
0 0 LSI icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG_FILTER all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Forward'
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 192.168.0.2 192.168.0.1 tcp dpt:53
41 2545 ACCEPT udp -- * * 192.168.0.2 192.168.0.1 udp dpt:53
60 2520 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 224.0.0.0/8 0.0.0.0/0
2 136 DROP all -- * * 0.0.0.0/0 224.0.0.0/8
0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
574 44221 OUTBOUND all -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 LOG_FILTER all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Output'
Chain INBOUND (1 references)
pkts bytes target prot opt in out source destination
602 522K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 LSI all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LOG_FILTER (5 references)
pkts bytes target prot opt in out source destination
Chain LSI (6 references)
pkts bytes target prot opt in out source destination
0 0 LOG_FILTER all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound '
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound '
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix `Inbound '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LSO (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG_FILTER all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix `Outbound '
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain OUTBOUND (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
518 39692 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
56 4529 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain moblock_fw (0 references)
pkts bytes target prot opt in out source destination
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 0
Chain moblock_in (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 64.15.112.0 0.0.0.0/0
0 0 RETURN all -- * * 192.168.0.0/16 0.0.0.0/0
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 0
Chain moblock_out (0 references)
pkts bytes target prot opt in out source destination
0 0 NFQUEUE all -- * * 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 0
Please check if the above printed iptables rules are correct!
* moblock is not running.
Moblock-control.log:
Code:
[sudo] password for eddy:
YAHOOZ-060921002953:75.35.59.144-75.35.59.151
YAHOOZ-061003013011:75.41.158.152-75.41.158.159
YAHOOZ-070828170428:76.246.182.152-76.246.182.159
Installing blocklist to /etc/moblock/guarding.p2p [ OK ]
* MoBlock is not running.
2008-06-07 10:44:00 EST End: moblock-control update
2008-06-07 10:44:16 EST Begin: moblock-control start
Inserting iptablesiptables v1.3.8: host/network `-' not found
Try `iptables -h' or 'iptables --help' for more information.
[fail]
2008-06-07 11:00:23 EST Begin: moblock-control reload
Building blocklist [ OK ]
Removing lines containing the following regular expressions from the blocklist:
google
yahoo
altavista
debian
sourceforge
Removed the following lines:
add2.dir.scd.yahoo.com ads:66.218.70.227-66.218.70.227
BOGDAN_LUCIAN_CRISTIAN-YAHOOCOM:208.98.12.0-208.98.12.63
Cuyahooga County Bar Assoc:66.73.60.72-66.73.60.79
extads1.vip.ukl.yahoo.com ads:217.12.4.96-217.12.4.96
gigenfu@yahoo.com.tw:218.210.18.64-218.210.18.71
GOOGLE-NL:213.19.160.192-213.19.160.207
GOOGLE/PLANET LABS:208.185.40.192-208.185.40.223
GOOGLE/PLANET LABS:208.185.4.128-208.185.4.159
GOOGLE/PLANET LABS:208.185.42.96-208.185.42.127
NTT Com/SOL/VTF/EH/Sony/Google:157.238.217.32-157.238.217.39
rd1.vip.ukl.yahoo.com ads:217.12.6.21-217.12.6.21
Savvis-Sourceforge Split1 Start Range:66.35.192.0-66.35.249.255
Savvis Sourceforge Split2 End Range:66.35.251.0-66.35.255.255
sexymagnet.com/p2w1.geo.scd.yahoo.com]:66.218.79.157-66.218.79.157
SNET TEST YAHOO 01:66.159.160.136-66.159.160.143
SNET TEST YAHOO 02:66.159.160.144-66.159.160.151
SNET TEST YAHOO 03:66.159.160.152-66.159.160.159
SNET TEST YAHOO 04:66.159.160.160-66.159.160.167
SNET TEST YAHOO 05:66.159.160.168-66.159.160.183
SNET TEST YAHOO 06:66.159.160.184-66.159.160.191
SNET TEST YAHOO 07:66.159.160.192-66.159.160.199
SNET TEST YAHOO 09:66.159.160.208-66.159.160.215
SNET TEST YAHOO 10:66.159.160.216-66.159.160.223
SNET TEST YAHOO 11:66.159.160.224-66.159.160.231
SNET TEST YAHOO 3004:64.252.30.112-64.252.30.119
SNET TEST YAHOO:64.252.30.80-64.252.30.111
SNET TEST YAHOO:66.159.160.200-66.159.160.207
SNET TEST YAHOO:66.159.160.232-66.159.160.255
SNET TEST YAHOO:66.159.160.32-66.159.160.39
SNET TEST YAHOO:66.159.160.8-66.159.160.23
SNET TEST YAHOO:66.159.185.0-66.159.185.47
Software in the Public Interest / Debian:194.109.137.216-194.109.137.223
Taiwan Yahoo Electric Co., Ltd:203.74.105.88-203.74.105.95
Tonghua Yahoo Netbar,Kuaida Town , Tonghua City,:218.62.120.236-218.62.120.239
Tor.debian40etch64minim:88.198.17.116-88.198.17.116
tsaisuntech@yahoo.com:220.228.117.128-220.228.117.135
yahoo fraud scammer:68.195.62.40-68.195.62.40
YAHOOPC:218.233.116.192-218.233.116.255
yahoo scammer:4.65.105.109-4.65.105.109
Yahoo Software Development India Pvt. Ltd:203.145.181.48-203.145.181.63
YAHOOZ-060921002953:75.35.59.144-75.35.59.151
YAHOOZ-061003013011:75.41.158.152-75.41.158.159
YAHOOZ-070828170428:76.246.182.152-76.246.182.159
Installing blocklist to /etc/moblock/guarding.p2p [ OK ]
* MoBlock is not running.
2008-06-07 11:00:33 EST End: moblock-control reload
2008-06-07 11:00:54 EST Begin: moblock-control restart
Deleting iptablesiptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: Bad rule (does a matching rule exist in that chain?)
* Some iptables rules could not be deleted. The most common reason for this is
* that they did not exist. If MoBlock was not running this is the correct
* behaviour. But if MoBlock was running there is some problem. Make sure that
* MoBlock inserts its iptables rules correctly and that other software, e.g.
* firewall applications, don't delete them. Make sure that MoBlock is started
* after other firewall applications.
Stopping MoBlock [fail]
Inserting iptablesiptables v1.3.8: host/network `-' not found
Try `iptables -h' or 'iptables --help' for more information.
I have tried to delete and re-install but that didn't work either.
I have ben fiddling a bit more and it looks like the remove and re-install did not work properly:
Code:
[sudo] password for eddy:
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 17 not upgraded.
Need to get 0B/59.6kB of archives.
After this operation, 0B of additional disk space will be used.
Do you want to continue [Y/n]? y
(Reading database ... 87966 files and directories currently installed.)
Preparing to replace moblock 0.9~rc2-11~hardy (using .../moblock_0.9~rc2-11~hardy_i386.deb) ...
* Stopping MoBlock moblock [fail]
invoke-rc.d: initscript moblock, action "stop" failed.
dpkg: warning - old pre-removal script returned error exit status 3
dpkg - trying script from the new package instead ...
* Stopping MoBlock moblock [fail]
invoke-rc.d: initscript moblock, action "stop" failed.
dpkg: error processing /var/cache/apt/archives/moblock_0.9~rc2-11~hardy_i386.deb (--unpack):
subprocess new pre-removal script returned error exit status 3
* Starting MoBlock moblock invoke-rc.d: initscript moblock, action "start" failed.
dpkg: error while cleaning up:
subprocess post-installation script returned error exit status 8
Errors were encountered while processing:
/var/cache/apt/archives/moblock_0.9~rc2-11~hardy_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code
So, I can not uninstall or re-install it.
Tried a apt-get -f install but the same thing:
Code:
eddy@eddy-mint2 ~ $ sudo apt-get -f install
Reading package lists... Done
Building dependency tree
Reading state information... Done
Correcting dependencies... Done
The following extra packages will be installed:
libnetfilter-queue1 libnfnetlink0
The following NEW packages will be installed:
libnetfilter-queue1 libnfnetlink0
0 upgraded, 2 newly installed, 0 to remove and 17 not upgraded.
1 not fully installed or removed.
Need to get 0B/78.9kB of archives.
After this operation, 139kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Selecting previously deselected package libnfnetlink0.
(Reading database ... 87954 files and directories currently installed.)
Unpacking libnfnetlink0 (from .../libnfnetlink0_0.0.30-2_i386.deb) ...
Selecting previously deselected package libnetfilter-queue1.
Unpacking libnetfilter-queue1 (from .../libnetfilter-queue1_0.0.13-1_i386.deb) ...
Selecting previously deselected package moblock.
Preparing to replace moblock 0.9~rc2-11~hardy (using .../moblock_0.9~rc2-11~hardy_i386.deb) ...
* Stopping MoBlock moblock [fail]
invoke-rc.d: initscript moblock, action "stop" failed.
dpkg: warning - old pre-removal script returned error exit status 3
dpkg - trying script from the new package instead ...
* Stopping MoBlock moblock [fail]
invoke-rc.d: initscript moblock, action "stop" failed.
dpkg: error processing /var/cache/apt/archives/moblock_0.9~rc2-11~hardy_i386.deb (--unpack):
subprocess new pre-removal script returned error exit status 3
* Starting MoBlock moblock invoke-rc.d: initscript moblock, action "start" failed.
dpkg: error while cleaning up:
subprocess post-installation script returned error exit status 8
Errors were encountered while processing:
/var/cache/apt/archives/moblock_0.9~rc2-11~hardy_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
Any idea?
Bookmarks