General MoBlock thread

[JasonDFR]

My question is about opening a Listening Port to use with Transmission torrent client.

When moblock is NOT running, the port I have assigned to Transmission is open.

When moblock IS running, the port I have assigned to Transmission is closed.

I would like this port to be opened, but still have moblock screening all the blocklisted ips.

Whitelisting the port with the setting below will open the port for Transmission, however I still want the traffic to be screened. Is the traffic still screened when you open a port in this way? Or is all traffic on this port whitelisted?

Code:

WHITE_TCP_IN="12345"

What changes to the configuration are necessary to open a listening port for Transmission, but still have all the traffic connecting to Transmission screened?

BTW, I have the latest version of MoBlock as of March 29 2009.

Thanks.

[lovinglinux]

My question is about opening a Listening Port to use with Transmission torrent client.

When moblock is NOT running, the port I have assigned to Transmission is open.

When moblock IS running, the port I have assigned to Transmission is closed.

I would like this port to be opened, but still have moblock screening all the blocklisted ips.

I'm not sure what exactly is your situation. Moblock itself doesn't close ports, unless you have iptables rules in the built-in custom scripts. So first check if you have any rules on these files:

/etc/blockcontrol/iptables-custom-insert.sh
/etc/blockcontrol/iptables-custom-remove.sh

The first script above is loaded when you start moblock and the second is loaded when you stop moblock. These scripts are not related to the IP blocking feature, they are for regular iptables (firewall) rules, which means you can use them to replace a firewall manager like Firestarter or UFW. It appears that you might have some rules in the iptables-custom-insert.sh that would be closing the port. So when you start moblock the script iptables-custom-insert.sh kicks in an close it. When you stop moblock, then iptables-custom-remove.sh kicks in and could be removing the rules closing the port. This is one possible scenario if I understood you correctly.

Another possible scenario is that you have a firewall manager being loaded after moblock and it is overriding moblock's rules, closing the torrent port. When you stop moblock, the firewall manager rules would be overwritten and the port is opened.

Whitelisting the port with the setting below will open the port for Transmission, however I still want the traffic to be screened. Is the traffic still screened when you open a port in this way? Or is all traffic on this port whitelisted?

Code:

WHITE_TCP_IN="12345"

I think you are confusing things. You can close a port by disabling it's forwarding from the router to your machine or through a firewall rule that will DROP or REJECT traffic on that port. On both cases, no incoming connections will reach the client application (Transmission). As already explained, moblock doesn't close ports if you don't configure the custom iptables scripts. What it does is filter connections based on IP on all ports. You can of course whitelist a port, like you suggested above. In this case, moblock will not filter connections by IP on that port, but that doesn't mean the port is open, because you still need to allow incoming traffic through it in the iptables rules.

The configuration you suggested above is not recommended if you want to filter IPs, because the port will be whitelisted by moblock. Which means moblock will ignore connections on that port and will let them go through the rest of the iptables rules. In other words, is like disabling moblock for that specific port. If you don't have iptables rules blocking that port, then it will be completely open.

What changes to the configuration are necessary to open a listening port for Transmission, but still have all the traffic connecting to Transmission screened?

• Make sure the port selected on Transmission for receiving incoming connections is forwarded by the router to your machine
• Make sure you have iptables rules that allow incoming connections on that port. This can be achieved using the iptables-custom-insert.sh script OR using a firewall manager like Firestarter and UFW OR by your own iptables scripts OR by adding the rule through command-line.
• If you use a firewall manager, make sure moblock is started after it, otherwise the firewall manager will overwrite moblock's rules, turning it useless.
• Don't whitelist the port on moblock's configuration if you want to filter the IPs from blocklists. I guess this is why you are using moblock.

[jre]

@dj_flx: Thanks. I will then remove the static repository now. As I learnt, there are quite a few people on hardy, so I will try to continue support till 2011-04 (as long as the LTS desktop support by Ubuntu). I think dropping gutsy is no problem (support by Ubuntu will stop anyway on 2009-04-18).

@JasonDFR: You and lovinglinux are right, adding this port to WHITE_TCP_... would disable MoBlock for exactly the traffic that you want to check. So don't do it. To fully understand what is happening you should post your iptables rules. (sudo iptables -L -nv)
Although this is possible, I doubt that the reason is in your custom iptables scripts. Instead I think that transmission will check if a port is open by requesting a connect attempt by a certain test-IP. I think this test-IP is in the blocklists (for whatever reasons). So I recommend to watch your moblock.log and allow traffic to especially this test-IP (WHITE_IP_[IN|OUT]).

[lovinglinux]

@dj_flx: Thanks. I will then remove the static repository now. As I learnt, there are quite a few people on hardy, so I will try to continue support till 2011-04 (as long as the LTS desktop support by Ubuntu). I think dropping gutsy is no problem (support by Ubuntu will stop anyway on 2009-04-18).

Nice.

Although this is possible, I doubt that the reason is in your custom iptables scripts. Instead I think that transmission will check if a port is open by requesting a connect attempt by a certain test-IP. I think this test-IP is in the blocklists (for whatever reasons). So I recommend to watch your moblock.log and allow traffic to especially this test-IP (WHITE_IP_[IN|OUT]).

Occam’s Razor

[JasonDFR]

Instead I think that transmission will check if a port is open by requesting a connect attempt by a certain test-IP. I think this test-IP is in the blocklists (for whatever reasons). So I recommend to watch your moblock.log and allow traffic to especially this test-IP (WHITE_IP_[IN|OUT]).

The above is exactly what is happening. 91.121.74.28 is blocked when Transmission checks to see if a port is open or not. 91.121.74.28 belongs to Transmissionbt.com, as far as I can tell.

The settings below cause Transmission to report that the port is open.

Code:

WHITE_IP_IN="91.121.74.28"
WHITE_IP_OUT="91.121.74.28"

@lovinglinux: Thanks for taking the time to explain things so well.

My router is set to open the port I am using. Moblock is simply not allowing Transmission to check the status of the port because it is blocking the ip Transmission attempts to connect to.

@jre: I had not even thought about how Transmission determines if a port is open or not. Thanks a lot for the great advice.

[lovinglinux]

@lovinglinux: Thanks for taking the time to explain things so well.

My router is set to open the port I am using. Moblock is simply not allowing Transmission to check the status of the port because it is blocking the ip Transmission attempts to connect to.

@jre: I had not even thought about how Transmission determines if a port is open or not. Thanks a lot for the great advice.

I haven't thought that you were thinking the port was closed because Transmission was telling you this. jre was right on the spot. It's so obvious now

[swan]

the last two updates have over written ;

/usr/lib/blockcontrol/blockcontrol.defaults

is it needed? twice ive had to be at console to fix post updates

warning much?

[jre]

the last two updates have over written ;

/usr/lib/blockcontrol/blockcontrol.defaults

is it needed? twice ive had to be at console to fix post updates

Yes, it is needed and it should contain the defaults that I set. If you want to make changes then do them in /etc/blockcontrol/blockcontrol.conf (just add the variables as you see them in /usr/lib/blockcontrol/blockcontrol.defaults, and set your own values.)

warning much?

?

[taqkavar]

hi, sorry I'm busy, no time to read any of the posts, just gonna jump in the middle of this thread and post this in case no one have posted about it yet:

If you use a dark theme with dark backgrounds and light font colours you have noticed mobloquer doesn't look so good and its hard to read some texts. It seems that programs like mobloquer and livestation that use the qt interface have this problem, to fix this just run /usr/bin/qtconfig-qt4 in terminal, select Tune Pallete and tweak the colours to match your theme, then go to file > save and you are done.

[mamamia88]

hi guys installed from source in jaunty but can't get mobloquer to start all i get is something like described in this thread i created earlier. http://ubuntuforums.org/showthread.php?p=7085639 can someone please help me out?