This article describes how to block lists with a graphical front-end called
IPblock. No knowledge of networking, firewalls or command-line configuration are needed. Due to the way
IPblock works it doesn't change the behavior of existing firewalls which makes it compatible
[1] with other firewall applications like
ufw,
shorewall or
fireHOL. This howto is intended for Beginners and was tested on Ubuntu Feisty, Gutsy, Hardy, Intrepid, Jaunty and Karmic (32-bit and 64-bit).
Installation
Add the iplist repository to your sources.list. Make sure to use the correct sources.list that corresponds to your current distribution:
- Ubuntu 10.10 "Maverick Meerkat":
Code:
sudo wget http://iplist.sf.net/sources.list.d/maverick.list -O /etc/apt/sources.list.d/iplist.list
- Ubuntu 10.04 LTS "Lucid Lynx":
Code:
sudo wget http://iplist.sf.net/sources.list.d/lucid.list -O /etc/apt/sources.list.d/iplist.list
- Ubuntu 9.10 "Karmic Koala":
Code:
sudo wget http://iplist.sf.net/sources.list.d/karmic.list -O /etc/apt/sources.list.d/iplist.list
- Ubuntu 9.04 "Jaunty Jackalope":
Code:
sudo wget http://iplist.sf.net/sources.list.d/jaunty.list -O /etc/apt/sources.list.d/iplist.list
- Ubuntu 8.10 "Intrepid Ibex":
Code:
sudo wget http://iplist.sf.net/sources.list.d/intrepid.list -O /etc/apt/sources.list.d/iplist.list
- Ubuntu 8.04 "Hardy Heron":
Code:
sudo wget http://iplist.sf.net/sources.list.d/hardy.list -O /etc/apt/sources.list.d/iplist.list
The key of the signed packages can be imported like this:
Code:
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com C6E3D905C8BCD56BB02E6E0B39456311108B243F
There is also another way to import the key. You could save the
pub key to a file and import it through
System->Administration->Software Sources->Authentication->Import Key-file.
After an update of the Software sources iplist can be installed with any package manager. E.g.:
Code:
sudo apt-get update
sudo apt-get install iplist
Note: If
sun-java* is installed by
gdebi it requires to open the terminal part of
gdebi and accept sun's license agreement.
Packages for Feisty and Gutsy can be found in the 0.19 release.
After the installation
IPblock can be found in
Applications -> Internet -> IPblock.
Lists
The default choice for lists is similar to
PeerGuardian.
- level1.gz - Anti-P2P organizations and known government addresses
- ads-trackers-and-bad-pr0n.gz - Advertising and data tracker servers
- spyware.gz - Malicious spyware and adware servers
- edu.gz - Educational institutions and universities
- bogon.gz - Spoofed IP-addresses
These lists are maintained by
www.bluetack.co.uk (list descriptions). Custom p2p or dat lists can easily be added. Note that lists can optionally be compressed with gzip.
The URL file
/etc/ipblock.lists contains list descriptions.
Settings
All options can be configured in this and the network tab. Auto-updating lists is important and the default choice of 2 days is reasonable. Using out-of-date lists is not recommended.
To ignore outgoing network traffic like HTTP or EMAIL (pop3) use the ignored ports section. Note that http and dns (domain) is ignored by default. The connection-settings specify which type of connections should be filtered.
[1] NOTE: IPblock needs to be started after other firewall applications.
FAQ on iplist.sf.net
Bookmarks