Page 52 of 120 FirstFirst ... 242505152535462102 ... LastLast
Results 511 to 520 of 1196

Thread: Moblock (peerguardian linux alternative)

  1. #511
    Join Date
    Feb 2006
    Beans
    28
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Moblock (peerguardian linux alternative)

    Has there been any progress in a GUI for MoBlock?

  2. #512
    Join Date
    Nov 2005
    Location
    Scandinavia
    Beans
    939

    Re: Moblock (peerguardian linux alternative)

    Nope. You'll be better of just creating a "launcher" and tick "run in terminal". The "command should be;
    Code:
    tail -f /var/log/moblock.log
    If you're a bit adventurous, you could try something like this;
    Code:
    [ -n "$(pidof moblock)" ] && tail -f /var/log/moblock.log || echo "moblock is not running..."
    This last code block is not fool proof, since i'm _not_ running ubuntu ATM. So i don't know if this still applies. (You should note however, that moblock takes some time to register it's "pid" so don't hammer this right away after booting up...)

    Now, if you do this in kde (create a launcher, that is), you can have it placed in the system tray if you want. yay!
    Last edited by pelle.k; May 22nd, 2007 at 09:27 PM.
    - "though It seems that I know that I know, what I would like to see Is the I that sees me, when I know that I know that I know" / Alan Watts

  3. #513
    Join Date
    Sep 2006
    Beans
    Hidden!

    Re: Moblock (peerguardian linux alternative)

    Hello, I followed your feisty instructions. Everything seems to be going fine & I was wondering how to make moblock startup when I startup my ubuntu install. Thanks.

    tip: I also use a good hosts file, http://www.mvps.org/winhelp2002/hosts.htm

  4. #514
    Join Date
    Apr 2007
    Beans
    9

    Re: Moblock (peerguardian linux alternative)

    Hey all,

    I used the following instructions to get moblock working on my Feisty 64bit install:

    sudo dpkg -i libnfnetlink0_0.0.14-1.1_amd64.deb
    sudo dpkg -i libnfnetlink-dev_0.0.14-1.1_amd64.deb
    sudo dpkg -i libnetfilter-queue_0.0.11-1.1_amd64.deb
    sudo dpkg -i libnetfilter-queue-dev_0.0.11-1.1_amd64.deb
    sudo dpkg -i moblock-nfq_0.8-10_amd64.deb

    moblock works, as far as I can tell, but I've got a broken package now. Synaptic manager tells me that libnetfilter-queue-dev is broken, but when I try to reinstall it, it tells me I have to install libnetfilter-queue1 as well. Fine by me, but I get the following error:

    E: /var/cache/apt/archives/libnetfilter-queue1_0.0.12-1_amd64.deb: trying to overwrite `/usr/lib/libnetfilter_queue_libipq.so.1.0.0', which is also in package libnetfilter-queue

    I'm very new to Ubuntu, so I'm afraid to proceed on my own here...

  5. #515
    Join Date
    May 2007
    Beans
    4

    Re: Moblock (peerguardian linux alternative)

    Quote Originally Posted by jre View Post
    @shame: a "normal" firewall and moblock have different purposes. If you want to block the IPs in moblock´s blocklist then moblock is usefull for you (this is all moblock is for, nothing more, nothing less). Go to www.bluetack.co.uk to see of what kind these IPs are.
    On the other side your routers firewall will give you protection against unwanted connections/attacks not related to specific IPs.
    but iptables -A INPUT -s $i -j DROP blacklists a host $i completely; apparently, a firewall is rather good in blacklisting, and has many other options as well.

    isnt this basicly what moblock does; sets the behavior of the firewall? I thought it was simply a script to use the well researched blacklists maintained for peerguardian with netfilter firewall, and to update them automatically?

    when it comes to classifying packages coming to your host and dealing with them accordingly , firewalls do this 'for living', and are very sophisticated in this, with a lot of possibilities.
    Last edited by aryah; May 25th, 2007 at 02:39 AM.

  6. #516
    Join Date
    Jan 2007
    Beans
    772

    Re: Moblock (peerguardian linux alternative)

    @aryah: Yes, what moblock does is basicly the same as inserting iptables rules for DROPing every range in the blacklists. It just does the dropping via the iptables rule QUEUE since this is faster for such a long list of IP ranges.
    And yes, other firewalls in Linux also use the rich functionality of iptables (but in most cases not only based on the IP as moblock does).

  7. #517
    Join Date
    Nov 2006
    Beans
    3

    Re: Moblock (peerguardian linux alternative)

    I didn't see this issue addressed before but I could have missed it scanning the posts.

    I have a problem with moblock-nfq when using apache and ssh. when its installed, web requests made to the server moblock is running on take ~7 seconds to reply instead of being near instant on my local network. The lag also occurs after putting my username in when I ssh to the machine. It takes ~7 seconds for the password prompt to pop back up. I'm a 4th year cs student and ip tables are one of those things I've heard of but never worked with so I'm at a bit of a loss in figuring out where to start.

    I don't have any firewall or really anything other than a basic kubuntu LAMP setup. Fresh install a week or two ago.

    First thing I did was try and add http to the whitelist but there was no effect:
    Code:
    #!/bin/sh
    #
    # MoBlock.sh - MoBlock start script
    # ---------------------------------
    
    ACTIVATE_CHAINS=1
    WHITE_TCP_IN="http"
    WHITE_UDP_IN="http"
    WHITE_TCP_OUT="http"
    WHITE_UDP_OUT="http"
    WHITE_TCP_FORWARD="http https"
    WHITE_UDP_FORWARD="http https"

    And here's iptables -L:
    Code:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     0    --  anywhere             anywhere
    MOBLOCK_IN  0    --  anywhere             anywhere            state NEW
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    MOBLOCK_FW  0    --  anywhere             anywhere            state NEW
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     0    --  anywhere             anywhere
    MOBLOCK_OUT  0    --  anywhere             anywhere            state NEW
    
    Chain MOBLOCK_FW (1 references)
    target     prot opt source               destination
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:https
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
    NFQUEUE    0    --  anywhere             anywhere            NFQUEUE num 0
    
    Chain MOBLOCK_IN (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
    NFQUEUE    0    --  anywhere             anywhere            NFQUEUE num 0
    
    Chain MOBLOCK_OUT (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
    NFQUEUE    0    --  anywhere             anywhere            NFQUEUE num 0
    I would be very grateful of any help and I'm curious if anyone else uses torrentflux when moblock. I just rebuilt a server and things were working with a 8 or 9 month old version and older version of kubuntu before the harddrive expired.

    Thanks
    -Phish

  8. #518
    Join Date
    May 2007
    Location
    Germany
    Beans
    7
    Distro
    Xubuntu 8.04 Hardy Heron

    Re: Moblock (peerguardian linux alternative)

    Hello everybody,

    I am running Moblock on a xubuntu (Edgy Eft) system and it's running okay so far. But I can't connect to jabber servers while Moblock is running.

    Code:
    Blocked OUT: Chaos Computer Club,hits: 1,DST: 217.10.10.194
    Blocked OUT: Chaos Computer Club,hits: 2,DST: 217.10.10.194
    Blocked OUT: Chaos Computer Club,hits: 3,DST: 217.10.10.194
    Blocked OUT: Chaos Computer Club,hits: 4,DST: 217.10.10.194
    This ip address is for jabber.ccc.de and I tried to unblock the ip address in /etc/cron.daily/moblock-nfq but it did not work. Does somebody here know how to unblock that specific ip address?

    Thanks.

  9. #519
    Join Date
    May 2007
    Location
    Germany
    Beans
    7
    Distro
    Xubuntu 8.04 Hardy Heron

    Re: Moblock (peerguardian linux alternative)

    That was a quick one, I just needed to unblock the jabber ports in /etc/moblock/MoBlock-nfq.sh.

  10. #520
    Join Date
    May 2007
    Location
    Trieste, Italy
    Beans
    26
    Distro
    Ubuntu

    Re: Moblock (peerguardian linux alternative)

    wrong post

Page 52 of 120 FirstFirst ... 242505152535462102 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •