Thursday, August 21, 2008

MoBlock on Ubuntu

1. add moblock package path to /etc/apt/sources.list

deb http://moblock-deb.sourceforge.net/debian hardy main
deb-src http://moblock-deb.sourceforge.net/debian hardy main

2. add the gpg key

gpg --keyserver wwwkeys.eu.pgp.net --recv 9072870B
gpg --export --armor 9072870B | sudo apt-key add -

3. update package lists and install moblock and its front-end gui, mobloquer

sudo apt-get update
sudo apt-get install moblock moblock-control mobloquer

4. choose which blocklists to load
http://tbg.iblocklist.com/Lists/
http://www.bluetack.co.uk/forums/index.php?autocom=faq&CODE=02&qid=17

ads-trackers-and-bad-pr0n.gz #advertising
bogon.gz #bogus IP announcements
dshield.gz #hackers
edu.gz #educational institutions
fornonlancomputers.gz #LAN IP ranges
hijacked.gz #IP blocks that are being used without permission
iana-multicast.gz #http://www.iana.org/assignments/multicast-addresses
iana-private.gz #http://www.iana.org/assignments/ipv4-address-space/
iana-reserved.gz #http://www.iana.org/assignments/ipv4-address-space/
level1.gz #for p2p users
level2.gz #general corporate
level3.gz #paranoid list
Microsoft.gz #Microsoft Corp ranges that are not on Level1
proxy.gz #various proxy servers
rangetest.gz #suspicious IPs
spider.gz #automated programs also known as spiders or bots
spyware.gz #malicious SPYWARE and ADWARE IP Address ranges
templist.gz #sending corrupt or virus p2p data

BusinessISPs.zip should not be loaded because most people are in its ranges.
fornonlancomputers.gz and Bogon.zip must not be selected if there is LAN traffic with this host.

5. moblock usage (needs root privileges)

moblock-control start - inserts iptables rules and starts MoBlock
moblock-control stop - deletes iptables rules and stops MoBlock
moblock-control restart - restarts MoBlock
moblock-control reload - rebuilds the blocklist and reloads MoBlock
moblock-control update - updates the blocklists and reloads MoBlock
moblock-control status - gives the iptables settings and the status of the MoBlock daemon
moblock-control test - simple test to check if MoBlock is working

6. the use of files in /etc/moblock

blocklists.list #blacklist
allow.p2p #whitelist
guarding.p2p #the actual IP database to be blocked, built from blocklists.list
moblock.conf #configuration file

7. log location

/var/log/moblock.log #block log
/var/log/moblock-control.log #moblock-control status log

8. you can reconfigure moblock without reinstalling

sudo dpkg-reconfigure moblock


9. allow port 1863 for msn, 5050 for yahoo, 5190 for icq

vi /etc/moblock/moblock.conf

WHITE_TCP_IN=""
WHITE_UDP_IN=""
WHITE_TCP_OUT="80 443 1863 5050 5190"
WHITE_UDP_OUT=""
WHITE_TCP_FORWARD="80 443 1863 5050 5190"
WHITE_UDP_FORWARD=""

You have to set WHITE_TCP_FORWARD as well if you want the same whitelisted ports to apply to the LAN; otherwise packets from LAN computers will be dropped in the moblock_fw chain.
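
The OUT/FORWARD mismatch described above is easy to miss after editing moblock.conf, so here is a small check for it, as an added example that is not part of the original post or of MoBlock. The WHITE_* variable names come from step 9; the function names, the sample file and the assumption that each entry is a single port number are mine.

```shell
#!/bin/sh
# Added example (not part of MoBlock): audit the WHITE_* variables from step 9.

# Print the value of KEY ($2) in conf file $1. The file is parsed as text,
# not sourced, so nothing inside it is executed by this (root-run) check.
conf_value() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# Ports whitelisted in WHITE_<proto>_OUT but missing from WHITE_<proto>_FORWARD:
# LAN traffic to them can still be dropped in the moblock_fw chain.
missing_forward() (
    set -f
    fwd=$(printf ' %s ' $(conf_value "$1" "WHITE_${2}_FORWARD"))
    for p in $(conf_value "$1" "WHITE_${2}_OUT"); do
        case $fwd in *" $p "*) ;; *) echo "$p" ;; esac
    done
)

# Entries that are not a port in 1-65535, printed as KEY:value.
# Assumption: entries are single port numbers, as in the page's example.
invalid_ports() (
    set -f
    for d in IN OUT FORWARD; do for proto in TCP UDP; do
        key=WHITE_${proto}_$d
        for p in $(conf_value "$1" "$key"); do
            case $p in
                ''|*[!0-9]*|??????*) echo "$key:$p" ;;
                *) [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || echo "$key:$p" ;;
            esac
        done
    done; done
)

# Constructed sample: FORWARD lacks two OUT ports, and 5l90 is a typo.
sample_conf() {
    cat <<'EOF'
WHITE_TCP_IN=""
WHITE_TCP_OUT="80 443 1863 5050 5190"
WHITE_UDP_OUT=""
WHITE_TCP_FORWARD="80 443 1863 5l90"
WHITE_UDP_FORWARD=""
EOF
}

conf=${1:-$(mktemp)}
[ -n "${1:-}" ] || sample_conf > "$conf"
echo "TCP ports missing from FORWARD:" $(missing_forward "$conf" TCP)
echo "Invalid entries:" $(invalid_ports "$conf")
```

Run it with /etc/moblock/moblock.conf as the only argument to check the real file; with no argument it audits the constructed sample.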
