HOWTO: Peerguardian Installation and automatic updates

[Kokanee]

PeerGuardian is a free and open source IP address blocking software programs capable of blocking incoming and outgoing addresses. The application uses a blocklist of IP addresses to filter the computers of several organisations, including the RIAA and MPAA while using filesharing networks such as FastTrack and BitTorrent. The system is also capable of blocking advertising, spyware, government and educational ranges, depending upon user preferences.

More at WikiPedia.

PeerGuardian is not a firewall. It filters your incoming/outgoing connections. It is usefull when on P2P networks because it blocks the RIAA, MPAA and other evile empires from seeing you. This helps because they can not collect evidence against you and will help in filtering the bogus seeded files they litter the P2P networks with.

Okey, lets get started. Download and install PeerGuardian. There is a .DEB package and source code posted on their SoureForge site. This HOWTO will use the DEB.

http://sourceforge.net/project/showf...kage_id=148849

Code:

sudo dpkg -i peerguardnf-1.5beta.i386.deb

Now that it's installed blocklists need to be setup.

Code:

sudo mkdir /etc/peerguardian

Create a blank text file and save it as peerguardian.sh.

Code:

sudo cp peerguardian.sh /usr/local/bin

Code:

sudo chmod -c 755 /usr/local/bin/peerguardian.sh

Now open peerguardian.sh wth gedit....

Code:

sudo gedit /usr/local/bin/peerguardian.sh

Now paste the following into it then save and close:

Code:

# version for bluetack.co.uk lists!
#!/bin/sh
# Update new blocklists and start/stop/restart PeerGuardian
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# testdescription
#
#CONFIGURATION
# Make sure PG_ETC points to the directory where
# you want to put your downloaded blocklists.
PG_ETC=/etc/peerguardian/
# Remove the lists you don't want to download and
# use from BLOCKLISTS.
BLOCKLISTS="level1"
PG_CONF=/etc/PG.conf
PG_LOG=/var/log/PG.log
PG_LIST=/etc/p2p.p2b.p2p
#The URL where the blocklists reside
URL=http://www.bluetack.co.uk/config
#The format of the lists to download
SUFFIX=gz
#The format after unpacking
SUFFIX2=txt

endscript () {
date +"------------ "%F" "%X" "%Z" End PeerGuardian Script"
exit $1
}
date +"------------ "%F" "%X" "%Z" Begin PeerGuardian $1"


case "$1" in
'start')
    cd "$PG_ETC"
    # check if blockfiles were updated:
    UPDATED=""
    for i in $BLOCKLISTS ; do
    TIMESTAMP=0
    if [ -e $i.$SUFFIX ] ; then
    TIMESTAMP=`stat --format=%y $i.$SUFFIX`
    echo "File $i.$SUFFIX last updated $TIMESTAMP"
    TIMESTAMP=`stat --format=%Y $i.$SUFFIX`
    fi
    wget -N $URL/$i.$SUFFIX
    if [ `stat --format=%Y $i.$SUFFIX` -gt $TIMESTAMP ] ; then
    UPDATED=$i
    fi
    done
    
    # if none of the blockfiles were updated:
    if [ -z $UPDATED ] ; then
    echo "No blocklists needed updating."
    echo "Starting PeerGuardian"
    mv $PG_LOG $PG_LOG.backup
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    fi
    
    # if any blockfiles were updated:
    for i in $BLOCKLISTS ; do
    gunzip -c $i.$SUFFIX > $i.$SUFFIX2
    BLOCKLISTSCAT="$BLOCKLISTSCAT $i.$SUFFIX2"
    done
    cat $BLOCKLISTSCAT | peerguardnf -f merged.p2b.p2p
    for i in $BLOCKLISTS ; do
    rm $i.$SUFFIX2
    done
    # uncomment below to unblock Yahoo! Mail and whatever
    # else needs unblocking here. Do this also in the
    # restart section.
    grep -v -i "yahoo\!" merged.p2b.p2p | grep -v -i "Microsoft" | grep -v "Google" > merged.p2b.p2p.tmp
    mv merged.p2b.p2p.tmp merged.p2b.p2p
    mv $PG_LIST $PG_LIST.backup
    mv merged.p2b.p2p $PG_LIST
    mv $PG_LOG $PG_LOG.backup
    echo "Starting PeerGuardian"
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    ;;

'stop')
    echo "Stopping PeerGuardian"
    killall peerguardnf > /dev/null 2>&1
    endscript 0
    ;;

'restart')
    cd "$PG_ETC"
    # check if blockfiles were updated:
    UPDATED=""
    for i in $BLOCKLISTS ; do
    TIMESTAMP=0
    if [ -e $i.$SUFFIX ] ; then
    TIMESTAMP=`stat --format=%y $i.$SUFFIX`
    echo "File $i.$SUFFIX last updated $TIMESTAMP"
    TIMESTAMP=`stat --format=%Y $i.$SUFFIX`
    fi
    wget -N $URL/$i.$SUFFIX
    if [ `stat --format=%Y $i.$SUFFIX` -gt $TIMESTAMP ] ; then
    UPDATED=$i
    fi
    done
    
    # if none of the blockfiles were updated:
    if [ -z $UPDATED ] ; then
    echo "No blocklists needed updating."
    echo "Stopping PeerGuardian"
    killall peerguardnf > /dev/null 2>&1
    mv $PG_LOG $PG_LOG.backup
    sleep 4
    echo "Starting PeerGuardian"
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    fi
    
    # if any blockfiles were updated:
    for i in $BLOCKLISTS ; do
    gunzip -c $i.$SUFFIX > $i.$SUFFIX2
    BLOCKLISTSCAT="$BLOCKLISTSCAT $i.$SUFFIX2"
    done
    cat $BLOCKLISTSCAT | peerguardnf -f merged.p2b.p2p
    for i in $BLOCKLISTS ; do
    rm $i.$SUFFIX2
    done
    # uncomment below to unblock Yahoo! Mail and whatever
    # else needs unblocking here. Do this also in the
    # restart section.
    grep -v -i "yahoo\!" merged.p2b.p2p | grep -v -i "Microsoft" | grep -v "Google" > merged.p2b.p2p.tmp
    mv merged.p2b.p2p.tmp merged.p2b.p2p
    echo "Stopping PeerGuardian"
    killall peerguardnf > /dev/null 2>&1
    mv $PG_LIST $PG_LIST.backup
    mv merged.p2b.p2p $PG_LIST
    mv $PG_LOG $PG_LOG.backup
    sleep 4
    echo "Starting PeerGuardian"
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    ;;

*)
    echo "Usage: $0 { start | stop | restart }"
    ;;
esac
exit 0

You can now handle PeerGuardian by just typing in a console one of the following commands:

Code:

sudo peerguardian.sh start

IF there are updates for the blocklists available they are updated, the old blocklist and the log-file are backuped and PeerGuardian is started.

Code:

sudo peerguardian.sh restart

If there are updates for the blocklists available they are updated, the old blocklist and the log-file are backuped, old PeerGuardian processes are killed and after 4 seconds PeerGuardian is started again.

Code:

sudo peerguardian.sh stop

PeerGuardian is stopped.

This following section is optional. If you want Peerguardian to run at startup and update the blocklists daily.

Code:

ln -s /usr/local/bin/peerguardian.sh /etc/init.d/peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc0.d/K20peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc2.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc3.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc4.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc5.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc6.d/K20peerguardian.sh

Now we need to create a CRON entry to update and restart Peerguardian daily. Create a blank text file called pg.

Code:

sudo gedit pg

Paste the following into it:

Code:

#!/bin/sh

/usr/local/bin/peerguardian.sh restart

Save and close then we need to copy it and set permissions.

Code:

sudo cp pg /etc/cron.daily

Code:

sudo chmod -c 755 /etc/cron.daily/pg

Now we're done. You will notice in the script that connections to Yahoo, Microsoft and Google are allowed. I was having issues with connecting to MSN and Gtalk in Gaim along with connectiong to various Google sites. If you don't use these service you can leave that out.

Everything will be logged in /var/log/PG.log

This is the original source for this info. I just changed it a bit.

[ounas]

Thanks, I shall try this out.

_ounas

[Arktis]

Oh crap... I just completed a howto on this covering installation from source. In my defense, I didn't see this, and I did search.. but I realize now that when searching, I spelled guardian as "gaurdian" by mistake and thus only came up with 3 results. Ah well. Sorry. Maybe it won't be approved by the mods.

[ephman]

Never mind below, all is well, i had to start the script again and it worked fine.


hi,

thanks for the howto, i've been looking for something like this. here's an error i get when i start peerguardian, at least i think it's an error, any help would be appreciated.

root@wintermute:/home/ephman/Desktop# sudo peerguardian.sh start
------------ 2005-11-29 05:54:48 AM EST Begin PeerGuardian start
--05:54:49-- http://www.bluetack.co.uk/config/level1.gz
=> `level1.gz'
Resolving www.bluetack.co.uk... failed: Name or service not known.
stat: cannot stat `level1.gz': No such file or directory
/usr/local/bin/peerguardian.sh: line 57: [: -gt: unary operator expected
No blocklists needed updating.
Starting PeerGuardian
mv: cannot stat `/var/log/PG.log': No such file or directory
------------ 2005-11-29 05:54:59 AM EST End PeerGuardian Script
root@wintermute:/home/ephman/Desktop#


thanks for the bandwidth,
ephman

[ubuntu27]

In this how to for "PeerGuardian 2" or "PeerGuardian Lite" or neither?

[Grimlock]

I've installed it but I can still get on the riaa website?????

[ephman]

same here.

[Kokanee]

Quote:

Originally Posted by ubuntu27 In this how to for "PeerGuardian 2" or "PeerGuardian Lite" or neither?

PeerGuardian for Linux is actually the Lite version. PeerGuardian 2 is an awful Windows app with a useless gui.

[Kokanee]

Quote:

Originally Posted by Grimlock I've installed it but I can still get on the riaa website?????

Visiting a website is harmless. Open up a torrent or connect to aMule or something then check your /var/log/PG.log file. It should show lots of dropped connections.

[ace2005]

Um... guys

Do a scan:

http://scan.sygatetech.com/stealthscan.html

Who here thinks there is a problem