gsurbey Apprentice
Joined: 24 Mar 2003 Posts: 212 Location: Nashua, NH
Posted: Thu Feb 24, 2005 4:45 am Post subject: HowTo PeerGuardian for Linux an alternative to Linblock
There are many reasons to block access to and from certain IPs. No matter whether you are working from a corporate or home network, this kind of internet blocking should be just as prevalent and suggested as basic firewall configurations are nowadays. IP blocking has many of the same pros and cons as a basic firewall configuration; however, it extends the safety net. Also, as with any firewall, IP blocking should not be looked upon as an all-encompassing security solution. IP blocking could give you added protection from the MPAA, RIAA, adware, pop-up sites, and government entities, just to name a few, and all of this is customizable using specific blocking lists. www.bluetack.co.uk is a trusted organization to get IP blocking lists from. There are also ways to do IP blocking within an app such as mldonkey and many of the like. You can find block lists in that format on http://www2.openmedia.info:8080/p23.html. However, in terms of centralization of block lists and in terms of much lower overall CPU usage, using the Linux kernel's built-in iptables is a much better option.
These two programs are GNU GPL, and they both use Perl Net::IP and the Linux kernel's iptables:
PeerGuardian for Linux
Linblock
You will need the Perl Net::IP class library installed. Type the following to check if you have it:
Code:
perl -MNet::IP -e 1
If that yielded:
Code:
Can't locate Net/IP.pm in @INC (@INC contains: /etc/perl /usr/lib/perl5/site_perl/5.8.5/i686-linux /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.2/i686-linux /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.4/i686-linux /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.5/i686-linux /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.5/i686-linux /usr/lib/perl5/5.8.5 /usr/local/lib/site_perl /usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.2/i686-linux /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.4/i686-linux .).
BEGIN failed--compilation aborted.
then you will need to fetch and install that class library. Since I could not find a package to emerge from portage to fulfill this requirement, I used the command:
Code:
perl -MCPAN -e 'install Net::IP'
CPAN is much like portage for Perl libraries; it goes out and finds all the dependencies and such and installs everything needed to get that class library installed. If this is your first time using CPAN, then you'll be presented with a configuration dialog to which you can pretty much safely answer all the prompts with the default values (just press ENTER).
You will also need to turn on iptables in your kernel. Assuming you're using 2.6, go to Device Drivers ---> Networking support ---> Networking options ---> and enable Network packet filtering. Then go into Network packet filtering ---> IP: Netfilter Configuration ---> and enable IP tables support. From there I enabled IP range match support, address type match support, and Packet filtering. You'll also need the userspace tools:
Code:
emerge net-firewall/iptables
I like PeerGuardian for Linux better than Linblock at the moment because it seems to be more actively developed, improved, and easier to use. After downloading version 0.3 I did an "emerge x11-misc/xdialog" to get nice GUI installation and configuration dialogs. From there I just followed the instructions; nice and simple.
Two error messages should come up the first time you run the script:
Code:
iptables: No chain/target/match by that name
iptables: Table does not exist (do you need to insmod?)
The script's iptables import process should take a while and a lot of CPU usage, depending on how big your block list is. It took easily more than 1 hour with full CPU usage on my AMD64 for the full block list (a 10 MB iptables-restore file). BTW, the full block list is bad in my opinion because by default it blocks my website hosted on lunarpages and it blocks the Gentoo forums. Maybe just one or two block lists with a little editing would be good enough.
Once that's done, one could then type:
Code:
/etc/init.d/iptables save
rc-update add iptables default
Learn more about iptables at this thread: https://forums.gentoo.org/viewtopic-t-159133.html
There is also a Gentoo script out there for easy firewall configuration: http://www.gentoo.org/proj/en/dynfw.xml
-Greg Surbey
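The post above describes what the PeerGuardian script does (turn a block list into iptables rules using the iprange match, then load them) and the catch that a full list can silently block hosts you need. The following bash script is an added example, not PeerGuardian's or Linblock's own code: it converts a list in the P2P text format that Bluetack publishes (assumed here to be "Description:first.ip-last.ip", one entry per line, "#" comments) into an iptables-restore fragment, and provides a check that tells you whether a given address, such as your own web host, would fall inside the list before you load it. The sample list, the entry names and the chain name "pgl" are all constructed for the example.

```bash
#!/bin/bash
# Added example (not PeerGuardian's or Linblock's code): P2P block list ->
# iptables-restore rules using the iprange match, plus a pre-load check.
set -u

# Constructed sample list in the assumed P2P format "Name:first-last".
# Names and ranges are made up; the RFC 5737 / private ranges are for demo only.
SAMPLE_LIST='# comment line, skipped by both functions
Example MPAA block:10.0.0.0-10.0.0.255
Example spam host:192.0.2.1-192.0.2.1
Example hosting range:203.0.113.0-203.0.113.127'

# ip2int: dotted quad -> unsigned 32-bit integer, printed on stdout.
ip2int() {
  local IFS=.
  set -- $1
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# blocklist_to_restore: read a P2P list on stdin, print an iptables-restore
# fragment for the filter table. Every range gets one DROP for traffic from it
# (--src-range) and one for traffic to it (--dst-range), in a dedicated chain
# "pgl" (name assumed) that INPUT and OUTPUT jump to. Feed the output to
# "iptables-restore -n" so existing rules in the table are kept.
blocklist_to_restore() {
  local line range first last
  echo '*filter'
  echo ':pgl - [0:0]'
  while IFS= read -r line; do
    case "$line" in ''|'#'*) continue ;; esac
    range=${line##*:}          # text after the last colon: "first-last"
    first=${range%-*}
    last=${range#*-}
    echo "-A pgl -m iprange --src-range $first-$last -j DROP"
    echo "-A pgl -m iprange --dst-range $first-$last -j DROP"
  done
  echo '-A INPUT -j pgl'
  echo '-A OUTPUT -j pgl'
  echo 'COMMIT'
}

# ip_in_list IP: read a P2P list on stdin; exit 0 and print the name of the
# first entry whose range contains IP, or exit 1 if no entry matches.
# Run it against the addresses you must keep reachable (your web host, the
# forums you use) before loading a list, to catch collisions like the ones
# described in the post.
ip_in_list() {
  local ip line range lo hi
  ip=$(ip2int "$1")
  while IFS= read -r line; do
    case "$line" in ''|'#'*) continue ;; esac
    range=${line##*:}
    lo=$(ip2int "${range%-*}")
    hi=$(ip2int "${range#*-}")
    if [ "$ip" -ge "$lo" ] && [ "$ip" -le "$hi" ]; then
      echo "${line%:*}"
      return 0
    fi
  done
  return 1
}

# Stand-alone usage on the constructed list:
#   printf '%s\n' "$SAMPLE_LIST" | blocklist_to_restore > /tmp/pgl.rules
#   printf '%s\n' "$SAMPLE_LIST" | ip_in_list 203.0.113.42 && echo "would be blocked"
```

The generated file loads with "iptables-restore -n /tmp/pgl.rules"; without -n the restore flushes the filter table first and drops whatever rules you already had. Two rules per list entry is also why the import is slow on a large list: the time the post reports is spent walking one rule per range, so trimming the list is the fix, not a faster machine.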
gsurbey Apprentice
Posted: Tue Jan 03, 2006 8:30 pm
I just found out that there is a Gentoo CPAN tool called g-cpan, so instead of doing the line above:
Code:
perl -MCPAN -e 'install Net::IP'
you would instead install Perl modules the Gentoo way by using app-portage/g-cpan to automatically generate and install ebuilds for portage using your $PORTDIR_OVERLAY:
Code:
emerge g-cpan
g-cpan -i Net::IP
To clean up later it's a simple
-Greg Surbey
gsurbey Apprentice
Posted: Thu Jan 05, 2006 5:14 pm
The Internet Storm Center has an interesting top 20 IP block list: http://isc.sans.org/
-Greg Surbey