Moblock – Quick and Dirty Fix – Mandriva

Moblock truly is a requirement for every *nix user that partakes in P2P. Unfortunately the Moblock package from Mandriva’s repositories isn’t all it should be in my opinion. It utilizes the new binary p2p lists – .p2b files from blocklist.org, which I’m not sure if they’re currently active after letting the domain expire in July 07 then having DNS issues later in the year, it’s easier to migrate over to bluetack’s blocklists.

Note: You need to have installed sudo and configured your account as sudoer before you continue; instructions are available here.

I made a quick and dirty script to update moblock and made a few changes to moblocks config file, as well as deleting the created cron job set by the package. This script is really basic, but does exactly what it needs to do – stops moblock, updates the blocklist, complies them into a p2p text file, backups the current blocklist, and moves the new blocklist into /etc, restarts moblock, and runs tail. The script is as follows:

#!/bin/bash
# Update Moblock

#Directory check, if not make directory
if [ -d $HOME/Documents/blocklists ]
then
echo “Directory exists”
else
mkdir $HOME/Documents/blocklists
echo “Created Directory”
fi
#Stop moblock
/etc/rc.d/init.d/moblock stop
#change to working directory
cd ~/Documents/blocklists
#Backup old p2p file
cp guarding.p2p guarding.p2p.backup
#Download Bluetack blocklists
wget http://www.bluetack.co.uk/config/ads-trackers-and-bad-pr0n.gz
wget http://www.bluetack.co.uk/config/bogon.gz
wget http://www.bluetack.co.uk/config/dshield.gz
wget http://www.bluetack.co.uk/config/edu.gz
wget http://www.bluetack.co.uk/config/hijacked.gz
wget http://www.bluetack.co.uk/config/iana-multicast.gz
wget http://www.bluetack.co.uk/config/iana-private.gz
wget http://www.bluetack.co.uk/config/iana-reserved.gz
wget http://www.bluetack.co.uk/config/level1.gz
wget http://www.bluetack.co.uk/config/level2.gz
wget http://www.bluetack.co.uk/config/level3.gz
wget http://www.bluetack.co.uk/config/Microsoft.gz
wget http://www.bluetack.co.uk/config/rangetest.gz
wget http://www.bluetack.co.uk/config/spider.gz
wget http://www.bluetack.co.uk/config/spyware.gz
wget http://www.bluetack.co.uk/config/templist.gz
wget http://www.bluetack.co.uk/config/trojan.gz
#Extract blocklist
gunzip ~/Documents/blocklists -r -v
#Combine blocklists into p2p file
cat level1 level2 level3 ads-trackers-and-bad-pr0n bogon dshield edu hijacked iana-multicast iana-private iana-reserved rangetest spider spyware trojan Microsoft templist >guarding.p2p
#Backup /etc/guarding.p2p
cp /etc/guarding.p2p /etc/guarding.p2p.backup
#copy new/updated blocklist file to /etc
cp guarding.p2p /etc/
#Cleanup individual blocklists
rm level1 level2 level3 ads-trackers-and-bad-pr0n bogon dshield edu hijacked iana-multicast iana-private iana-reserved rangetest spider spyware trojan Microsoft templist
#Restart moblock
/etc/rc.d/init.d/moblock restart
/etc/rc.d/init.d/moblock restart
#Start tail for moblock log file
tail -f /var/log/moblock.log

Let’s make a directory to save the script in, open konsole and enter:

mkdir ~/Documents/my_scripts

We’ll change directories and create a file to save the script in:

cd ~/Documents/my_scripts

touch moblock_up

kwrite moblock_up

Copy and paste the script text into the file and save, then we need to make the file executable:

chmod +x moblock_up

All Bluetack’s blocklist are included in the script so you can remove the ones you don’t need to use or leave exactly as is. [note:] as HTTP is allowed in the moblock config file, you don’t need the ads-trackers-bad-pr0n and spider lists. Remove whatever you don’t feel is necessary (ie. edu – is you don’t wish to block it.

Do we need to make a few alterations to moblocks config file. But let’s first back it up:

sudo cp /etc/sysconfig/moblock /etc/sysconfig/moblock.backup

Now let’s edit the file:

kdesu kwrite /etc/sysconfig/moblock

and change the following:

LIST_TYPE=”-p”
LIST=”/etc/guarding.p2p”

URL=$HOME/Documents/blocklists/
BLOCKLIST=”guarding.p2p”
ALLOWLIST=”"

Close kwrite and save the file. [note] the second half highlighted by itailics isn’t necessary as we’re going to delete the cronjob anyway. ;-)

Backup the cronjob if you wish to your home directory:

mkdir ~/Documents/blocklists/old_cronjob

cp /etc/daily.cron/moblock ~/Documents/blocklists/old_cronjob/

then you can remove the cronjob

sudo rm /etc/daily.cron/moblock

We’re still in the directory the script is in, execute it with:

sudo ./moblock_up

Moblock is now blocking connections to the IP rangesfrom guarding.p2p and you’re seeing the output from the moblock logfile in konsole. Now you can run the script when you want to update moblock [once a week is good enough].

Remember when you restart your PC to restart moblock with (when you want it running/active):

sudo /etc/rc.d/init.d/moblock restart

and then tail the logfile to confirm moblock is actively blocking:

sudo tail -f /var/log/moblock.log

As of today, using all the available blocklist from Bluetack; Moblock should be blocking 337155 ranges. To test or to see moblock in action, open a new shell session in konsole and paste the following:

ping -c4 gmail.com

In the session showing the tail of the moblock logfile, you’ll see:

Blocked OUT: Google Inc,hits: 1,DST: 72.14.253.83
Blocked OUT: Google Inc,hits: 2,DST: 72.14.253.83
Blocked OUT: Google Inc,hits: 3,DST: 72.14.253.83
Blocked OUT: Google Inc,hits: 4,DST: 72.14.253.83

Another example:

ping -c4 76.246.137.0

Tail of the Moblock logfile will show:

Blocked OUT: NBC INC-070731163231,hits: 1,DST: 76.246.137.0
Blocked OUT: NBC INC-070731163231,hits: 2,DST: 76.246.137.0
Blocked OUT: NBC INC-070731163231,hits: 3,DST: 76.246.137.0
Blocked OUT: NBC INC-070731163231,hits: 4,DST: 76.246.137.0

+ additional notes+If you’re using all the available blocklist, as you can see above google is listed in the spider blocklist. Therefore your SSL POP/SMTP access will be blocked, either stop moblock, fetch your gmail through your email client (Web Access is already whitelisted and will not be blocked) and then restart moblock (commands listed below); or add the ports to the whitelist in /etc/sysconfig/moblock.

You can stop moblock with:

sudo /etc/rc.d/init.d/moblock stop

Start and Restart with:

sudo /etc/rc.d/init.d/moblock start

sudo /etc/rc.d/init.d/moblock restart

This is a work in progress, suggestions and comments are always welcome. ;-)

This work is licensed under a
Creative Commons Licence.

 

Blogged with Flock

Tags: Howto, Linux, Mandriva, moblock, p2p

 

---

Possibly related posts: (automatically generated)

• Moblock (peerguardian linux alternative)