*Update 5/1/2014* This post has been superceeded by
"Linux: Installing Peer Guardian 2; an IP blocker like PeerBlock for Windows".
iplist/ipblock is a great little tool for Linux which protects you from "bad connections", pretty much what PeerGuardian/PeerBlock does for Windows.
I had a bit of trouble getting it to run properly, and considering how many posts there were about it I figured I'd write a post to help out some people.
Depending on your base version of Linux, add the sources.list in the repository list given here. (It's kept more up to date than this blog post)
Remember to import the signed keys too!
Note: If you're not comfortable with using "vim", feel free to replace any following commands with "gksu gedit" instead.
Once you've done that, put yourself on superuser mode and prepare to get down and dirty with the terminal.
apt-get install iplist
Once it's done installing, copy the default setting files over:
cp /usr/share/doc/iplist/examples/ipblock.lists /etc
cp /usr/share/doc/iplist/examples/ipblock.conf /etc
Now to edit the configuration files:
- Change AUTOSTART to "Yes".
- Remove any lists you don't want from BLOCK_LIST (at minimum keep "level1" and "bogon")
- Any event information is logged in "/tmp/ipblock.log"
- Your downloaded list files are stored in "/var/cache/ipblock"
Now edit the list files:
Replace the "bluetack.co.uk" entries for the lists you want to keep (in BLOCK_LIST) with the corresponding URL from iblocklists. From my experience, iblocklists.com is updated more often and more reliable than bluetack.
Now to download the lists. You can either use the terminal or the GUI ("Menu" > "Internet" > "IP Block" > click "Update" at the top)
Then remember to get out of superuser mode.
Restart your computer to check if the AUTOSTART is running properly!
If ipblock is preventing your computer from accessing the internet after a reboot (preventing outbound connections, connection into your computer, not pinging correctly, etc) then I'm assuming that you're using wireless/WiFi.
This took a few days for me to figure out but the reason why this is happening is because the wireless takes a moment to connect.
This "moment" is long enough for ipblock to start via the init.d daemon script. It loads up ip_tables, then realises there are no active connections to filter and exits.
This issue will also cause the download of your list files to fail.
ipblock[####]: error: update of level1.gz failed
ipblock[####]: error: update of bogon.gz failed
ipblock[####]: error: update of edu.gz failed
Even though checking the status of ipblock will say it's not running:
sudo ipblock -l
ipblock[####]: error: IPblock is not running
Starting it manually after the WiFi has connected will fix everything, whoever this is not ideal.
To fix this, you'll have to add a short delay before ipblock starts.
sudo vim /etc/init.d/ipblock
Now add in "sleep 30" after "start)":
case "$1" in
log_daemon_msg "Starting $DESC" "ipblock"
Save, reboot and test.
All is well. Time to embrace your victory ...
- iplist homepage
- HOWTO: Graphical IP Blocker
- iblocklist.com lists
- Do You Use Linux? The RIAA and MPAA Don’t Want You To Use This Program
- 9.10 ipblock 0.27 does not autostart during boot? help plz
- Having IPBlock on Startup...
- Headless torrentbox with ipblock
- how to delay transmission daemon when booting up?