Originally Posted by
uljanow
Have you enabled the FORWARD chain in the ipblock.conf ? If that doesn't help installing iplist in the router kvm might work, although packets should traverse iptables before they reach kvms.
I do have it installed and I do have the Settings|Connection|Forward enabled, but my ipblock.conf is:
Code:
AUTOSTART="Yes"
IPTABLES_CHAIN_BLOCK="INPUT OUTPUT "
IPTABLES_CHAIN_ALLOW="INPUT OUTPUT"
LESS_MEMORY="No"
BLOCK_LIST="level1.gz ads-trackers-and-bad-pr0n.gz edu.gz spyware.gz china.p2p.gz japan.p2p.gz usa.p2p.gz spider.gz bogon.gz "
BLOCK_LIST_INPUT=""
BLOCK_LIST_OUTPUT=""
BLOCK_LIST_FORWARD=""
ALLOW_LIST=""
ALLOW_LIST_INPUT="allow-perm.p2p allow-temp.p2p"
ALLOW_LIST_OUTPUT="allow-perm.p2p allow-temp.p2p"
ALLOW_LIST_FORWARD=""
IGN_TCP_INPUT=""
IGN_UDP_INPUT=""
IGN_TCP_OUTPUT="http https "
IGN_UDP_OUTPUT="domain"
IGN_TCP_FORWARD=""
IGN_UDP_FORWARD=""
IGN_PROTO_INPUT=""
IGN_PROTO_OUTPUT=""
IGN_PROTO_FORWARD=""
IPLIST_LISTDIR="/var/cache/iplist"
LOG_FILE="/tmp/ipblock.log"
LOG_LEVEL="match"
LOG_IPTABLES="No"
VERBOSE="Yes"
URL_FILE="/etc/ipblock.lists"
UPDATE_STAMP="/var/cache/iplist/.update-stamp"
UPDATE_INTERVAL="1"
http_proxy=""
GUI_START_HIDDEN="No"
GUI_AUTOSCROLL="Yes"
GUI_THEME="Gtk"
GUI_WHITELIST_PERM="/var/cache/iplist/allow-perm.p2p"
GUI_WHITELIST_TEMP="/var/cache/iplist/allow-temp.p2p"
What do the forwards mean here and do they have anything to do with the Settings|Connection|Forward checkbox?
Bookmarks