Just curious if anyone knows of an IP blocker usable with Linux. I used to use Peerblock for my Windows comp, and was curious if there was something similar for Linux anyone is aware of.
(currently running Ubuntu [lucid lynx])
moblock is an alternative... personally I think it is junk. Some people like it, others like me don't.
I think I read somewhere that Transmission bit torrent client uses the same peer list as peer-block / peer guardian.
If you use Transmission, it's under preferences -> privacy
But if it's true it uses the same list as peer block, then I don't understand why it only has 224,914 rules. I seem to remember peer block blocking a lot more IPs.
You might try IPblock.
http://ubuntuforums.org/showthread.php?t=530183
Thank you all for the responses! Much appreciated!
If you don't need a GUI I recommend using moblock's successor PeerGuardian Linux (see my signature). If you need a GUI you can use the old moblock/blockcontrol/mobloquer combination or iplist/ipblock.
When you compare how many IPs are blocked you have to look at whether IPs or IP ranges are blocked (the first being millions or billions, the latter a few hundred thousand). Generally I recommend using the blocklists from iblocklist.com; there you get all lists, including those from bluetack and TBG, which you probably know from PeerBlock.
If you use blocklists in an application like Transmission, then only this application's traffic will be checked. In contrast, the real IP blockers work for your whole system. So if you just want to avoid downloading fake files then the built-in block mechanism of Transmission is ok. But if you just don't want to be contacted by any of the organizations that are in the blocklist, then you should use an IP blocker for "stealth" mode.
Please post your logfiles and output of commands wrapped in code tags:
Code:
[code]output[/code]
Co-author of PeerGuardian Linux (pgl). Maintainer of the pgl package repositories for Debian and Ubuntu.
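The range-versus-address point in the post above, as an added example that is not part of the thread or of any tool named in it: it parses a blocklist in the PeerGuardian "P2P" text format (label:start-end), reports how many ranges and how many addresses it covers, and renders the ranges as CIDR entries for `ipset restore`. The sample list, the set name `blocklist` and the use of ipset are assumptions made for the example.

```python
import ipaddress

# Constructed sample in P2P text format; labels are made up and the
# addresses are documentation ranges, not entries from a real blocklist.
SAMPLE = """\
# constructed sample blocklist
Example Org A:192.0.2.0-192.0.2.255
Example Org B: branch:198.51.100.10-198.51.100.20
Single host:203.0.113.7-203.0.113.7
broken line without range
"""

def parse_p2p(text):
    """Yield (label, first, last) for each valid 'label:start-end' line."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        label, sep, span = line.rpartition(":")  # labels may contain ':'
        start, dash, end = span.partition("-")
        if not sep or not dash:
            continue  # malformed line: skip instead of aborting the import
        try:
            first = ipaddress.IPv4Address(start.strip())
            last = ipaddress.IPv4Address(end.strip())
        except ipaddress.AddressValueError:
            continue
        if first <= last:
            yield label, first, last

def summarize(text):
    """Return (range_count, address_count, list of CIDR networks)."""
    ranges = list(parse_p2p(text))
    nets = []
    for _, first, last in ranges:
        nets.extend(ipaddress.summarize_address_range(first, last))
    nets = list(ipaddress.collapse_addresses(nets))  # merge overlaps/neighbours
    return len(ranges), sum(n.num_addresses for n in nets), nets

def ipset_restore(nets, name="blocklist"):
    """Render networks as `ipset restore` input (set name is an assumption)."""
    lines = [f"create {name} hash:net family inet"]
    lines += [f"add {name} {n}" for n in nets]
    return "\n".join(lines)

if __name__ == "__main__":
    count, addresses, nets = summarize(SAMPLE)
    print(f"{count} ranges cover {addresses} addresses in {len(nets)} CIDR blocks")
    print(ipset_restore(nets))
```

A set loaded this way can be matched from a single rule such as `iptables -I INPUT -m set --match-set blocklist src -j DROP`, which keeps the rule count independent of the list size.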
I can't take the credit for the how to, only for linking you to it. Sorry, I managed to miss your post for a few days.
Maybe the problem is that in the tutorial it says to type sudo aptitude update and that is not current for Ubuntu 10.10. If that is what you had typed in you should try again but this time use:
Code:
sudo apt-get update
Followed by:
Code:
sudo apt-get install iplist
After that you should be able to type in:
Code:
sudo ipblock -g
to start the ipblock g.u.i. or navigate to it under Applications>Internet>
As soon as you get it started update it.
Hopefully that helps.
Edit: uljanow (op) is doing a fine job of maintaining this and now the directions are correct again on the howto.
Last edited by trinitydan; December 27th, 2010 at 08:02 PM.
I use iptables as an IP blocker. My basic config is as follows:
Code:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [738:82758]
:OPEN-TCP - [0:0]
:OPEN-UDP - [0:0]
# Drop spoofed loopback sources arriving on real interfaces
-A INPUT -s 127.0.0.0/8 -i wlan0 -j DROP
-A INPUT -s 127.0.0.0/8 -i eth0 -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Allow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -m state --state NEW -j ACCEPT
# New connections go to the per-protocol chains that list the open ports
-A INPUT -p udp -m state --state NEW -j OPEN-UDP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j OPEN-TCP
# Anything not accepted above is recorded as a port scan and rejected;
# these rules have to sit before the catch-all REJECT to be evaluated
-A INPUT -p tcp -m recent --set --name TCP-PORTSCAN --rsource -j REJECT --reject-with tcp-reset
-A INPUT -p udp -m recent --set --name UDP-PORTSCAN --rsource -j REJECT --reject-with icmp-port-unreachable
-A INPUT -j REJECT --reject-with icmp-proto-unreachable
# Sources recorded in the last 60 seconds are rejected even on open ports
-A OPEN-TCP -p tcp -m recent --update --seconds 60 --name TCP-PORTSCAN --rsource -j REJECT --reject-with tcp-reset
-A OPEN-TCP -p tcp -m tcp --dport 80 -j ACCEPT
-A OPEN-UDP -p udp -m recent --update --seconds 60 --name UDP-PORTSCAN --rsource -j REJECT --reject-with icmp-port-unreachable
-A OPEN-UDP -p udp -m udp --dport 53 -j ACCEPT
COMMIT
Once that's in place, I add IPs I want to block by running:
Code:
sudo iptables -I INPUT -s xxx.xxx.xxx.xxx -j DROP
Then save the changes:
Code:
sudo /etc/init.d/iptables save
I generally only block individual IP addresses which spam my server with attempts to find my phpmyadmin page.
I generally only block individual IP addresses which spam my server with attempts to find my phpmyadmin page.
------------------------------
Isn't there an app which does this automagically?
I forgot its name...