![]() ![]() Iptables -I MOBLOCK_FW -p udp -dport $PORT -j ACCEPT Iptables -I MOBLOCK_FW -p tcp -dport $PORT -j ACCEPT Iptables -I MOBLOCK_IN -p udp -dport $PORT -j ACCEPT Iptables -I MOBLOCK_IN -p tcp -dport $PORT -j ACCEPT Iptables -I MOBLOCK_OUT -p udp -dport $PORT -j ACCEPT Iptables -I MOBLOCK_OUT -p tcp -dport $PORT -j ACCEPT #iptables -I MOBLOCK_FW -m state -state ESTABLISHED,RELATED -j ACCEPT #iptables -I MOBLOCK_OUT -m state -state ESTABLISHED,RELATED -j ACCEPT Iptables -I MOBLOCK_OUT -p all -j $TARGET #iptables -I MOBLOCK_IN -m state -state ESTABLISHED,RELATED -j ACCEPT Iptables -I FORWARD -p all -m state -state NEW -j MOBLOCK_FW Iptables -I OUTPUT -p all -m state -state NEW -j MOBLOCK_OUT Iptables -I INPUT -p all -m state -state NEW -j MOBLOCK_IN # Filter all traffic, edit for your needs Here's the file user-pre for copy & paste: The firestarter firewall is being build up and moblock starts blocking things. I did what I never wanted: spending time on firestarter -) Leaving out the lines above just works fine. ![]() Thanks works gr8 but no too well under Xgl when i minimize it to tray and than maximize it, the program goes all wired with coloursĭoesnt work firestarter says that it can't connect/start!! when i remove the text from /etc/firestarter/user-per than it works!! so i am thinkin that there is no way of workin moblock and firestarter together?Įcho "$0: $PIDF exists and processs seems to be running. You'll need to "sudo apt-get install ruby libgtk2-ruby libgtk-trayicon-ruby" before you can run it. (dont laugh, i just cut'n'pasted it in 1 min.) run with moblock-simplegui or add it as a launcher, the icon is in /usr/share/pixmaps/moblock-gui.png. you get no menu item, but i guess you are going to add this in you session startup anyway. it should install the ruby script and the icon. For now.ĭownload it, extract it, and run the install.sh file (sudo. Seriously, yo mama could have done this but anyway. But from what i understand, thats whats most important :) It is trayable, and it shows what is blocked. ![]() (or should i say, my ruby/gtk programming sucks). I have stripped it of almost everything, because in it's current state it's full of bugs. This is the only sane way for me to let you have the GUI right now. Sorry for dumb questions, im just wondering how you are planning to do it as im really looking forward to this :) Personally i think entering a password in a popup window for making changes, and running the rest of the gui without root privileges is better than adding the gui app to the sudoers file, or having to enter passowrd at bootup if gui is set to run automaticly, but thats me. If you make a gui will we be able to pick what blocklists we want there? if so could there be a problem if i pick different blocklists than those listed in the script (which name escapes me) that is placed inside /etc/cron.daily ?Īnother thing, the gui, will there be a regular user part of the gui (just for viewing whats happening) and a root bit for making changes that require root privileges? Ive been playing with moblock for a while now, and using pelle's "quick'n'dirty blocklist update script", but theres also an update script inside /etc/cron.daily (well not anymore cos i deleted it) - why 2 update scripts ? I've been thinking of writing a GUI for MoBlock using python/ruby, which would handle starting/stopping, updating blocklist, live status and letting people cancel certain ips/ports from the blocklist. There you can add port 80 (80 which is http is already accepted for outgoing connectiond and their counterpart replys > in.)Ībout restarting moblock it's in the howto, but anyway. MoBlock has a whitelist at the top of /etc/moblock/MoBlock-nfq.sh. I chose MoBlock because almost nothing is happening to PG linux ATM. I would say moblock is very easy to handle, and it has a nice and clean structure. Let me know, and i'll update my howto.īionnaki: MoBlock is actively developed, PG for linux is not. It would be really nice if you (or somebody else) would try this as i have no need for a software firewall (i'm behind a hardware firewall ATM). Jamesford: I really don't know if it works alongside firestarter. If you are running a kernel > 2.6.15, could you run 'lsmod | grep NFQUEUE'. Pinoyskull: Are you using breezy? If so, you should install moblock-ipq instead. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |