knewbie_one_kenewbie
newbie


Reged: 01/25/05
Posts: 32
Loc: Paris
MoBlock or Peerguardian on cc4.2 Community
      #103266 - 12/20/07 09:40 PM

Hi all,

I am looking at MoBlock or Peerguardian for my server, and was wondering if anyone installed it on a 4.2 ?

Here is what I found on the subject already :
2002 reference on this forum
Some people having installed it on cc3.2
MoBlock discussed as a simple rpms packet


I checked using "iptables -L -nv" and cc4.2 does have iptables, and it is populated already, so "all I have to do"(tm) is install the rpm from here :
MoBlock rpms

or get the fedora core compiled here :
FC rpm

So, anyone tried this MoBlock and can tell me if it is a good idea ?
(Buddha's answer to the first post lets me hope for these alternatives I found )

I'm also a taker for any install tips, there seems to be a dependency on libnfnetlink-devel and libnetfilter_queue-devel in the latest how-to I found, and they don't appear in a "apt-get search.|grep libnet*" ...

Cheers,
Knewbie

Edited by knewbie_one_kenewbie (12/20/07 09:41 PM)


maxximum
journeyman


Reged: 09/01/07
Posts: 79
Re: MoBlock or Peerguardian on cc4.2 Community [Re: knewbie_one_kenewbie]
      #103332 - 12/24/07 07:59 AM

"libnetfilter_queue" has been previously known as "libnfnetlink_queue".
Package for RHEL4 is available on DAG website :
http://dag.wieers.com/rpm/packages/libnfnetlink/

I've installed these two packages :
1/ libnfnetlink-0.0.25-1.el4.rf.i386.rpm
2/ libnfnetlink-devel-0.0.25-1.el4.rf.i386.rpm

I've also installed libnet-1.1.2.1-2.2.el4.rf.rpm :
http://dag.wieers.com/rpm/packages/libnet/

(I can't find any libnet-devel ...)

Then I tried to build rpm from "moblock-0.8-2.fc7.src.rpm" ... but "libnetfilter_queue-devel" is required during rpmbuild

Any idea how to build moblock on CC 4.2 ?


knewbie_one_kenewbie
newbie


Reged: 01/25/05
Posts: 32
Loc: Paris
Re: MoBlock or Peerguardian on cc4.2 Community [Re: maxximum]
      #103356 - 12/26/07 07:16 PM

I advanced some and I think I have bad news...

I tried compiling but had the demand for libnetfilter_queue

I found all the files on http://fr.rpmfind.net/linux/rpm2html/search.php? and on DAG's server you linked to :

libnetfilter_queue-0.0.13-3.fc7.i386.rpm libnfnetlink-0.0.25-1.el4.rf.i386.rpm
libnet-1.1.2.1-2.2.el4.rf.i386.rpm libnetfilter_queue-devel-0.0.13-3.fc7.i386.rpm libnfnetlink-devel-0.0.25-1.el4.rf.i386.rpm

The problem comes when installing :

[root@### DOWN]# rpm -i *.rpm
attention: libnet-1.1.2.1-2.2.el4.rf.i386.rpm: signature V3 DSA: NOKEY, key ID 6b8d79e6
attention: libnetfilter_queue-0.0.13-3.fc7.i386.rpm: signature V3 DSA: NOKEY, key ID 1ac70ce6
erreur: Dépendances requises:
libc.so.6(GLIBC_2.4) est nécessaire pour libnetfilter_queue-0.0.13-3.fc7.i386
rtld(GNU_HASH) est nécessaire pour libnetfilter_queue-0.0.13-3.fc7.i386

the dependency for glibc 2.4 comes with libnetfilter_queue and -devel

rtld is ... a part of GLIBC.

needed is glibc v2.4, CC4.2 has an earlier version. "apt-cache show glibc" gives :

Package: glibc
Section: System Environment/Libraries
Installed Size: 14474
Maintainer: CentOS
Version: 2.3.4-2.36
Pre-Depends: basesystem, libgcc, /usr/sbin/glibc_post_upgrade.i686, /sbin/ldconfig, rpmlib(PartialHardlinkSets) (<= 4.0.4-1), rpmlib(PayloadFilesHavePrefix) (<= 4.0-1), rpmlib(CompressedFileNames) (<= 3.0.4-1)
Depends: glibc-common (= 2.3.4-2.36)

Sooo...
I'm not totally sure : is it a good idea to upgrade to glibc 2.4 on my own ?

I think there is a more "up to date" repository for CC 4.2 (saw it in one of the posts or, more possibly, in the documentation...). Not sure we can install glibc 2.4 from it.
+ Will the server die horribly if I do ?
Should I, as a true geek, make a vm of my actual cc install, launch under vmware and test by myself !
(I don't even know if it IS possible )

Also I read that older kernel could use the libipq library instead. Still possible (and is it simpler) with cc 4.2 ?

Anyone can give us some advice ?

EDIT :
found the advanced repository. it is described here :
clarkconnect.com/docs/Howtos_-_Installing_PHP_5_and_MySQL_5_on_ClarkConnect_4.x

and it provides glibc 2.3...

Edited by knewbie_one_kenewbie (12/26/07 07:23 PM)


knewbie_one_kenewbie
newbie


Reged: 01/25/05
Posts: 32
Loc: Paris
Maybe another way than MoBlock... [Re: knewbie_one_kenewbie]
      #103379 - 12/27/07 03:43 PM

Found this :

http://www.dessent.net/linblock/

Seems it is "the older way" to get a Peerguardian-like linux filter.
From the doc of MoBlock it says that MoBlock is just a maintained solution, but that linblock still works, but isn't maintained anymore...

gonna try tonight...
If anyone already tried ...


knewbie_one_kenewbie
newbie


Reged: 01/25/05
Posts: 32
Loc: Paris
Advancing with Linblock [Re: knewbie_one_kenewbie]
      #103384 - 12/27/07 05:16 PM

ok, so far the most terrible I had to do was install additional perl modules through CPAN.

the doc is well made, and the procedure clearly explained (can take some time to compile...and allowed me to install additional modules needed by torrentflux-b4rt I didn't know how to install )

Now every requirement checks, but one...
the bluetrack list coded in the script is not directly accessible anymore

Anyone knows where to get a good blocklist ? get as in wget...

The antip2p.txt I found is a bit of a "everything in it", including towns, companies, etc...
Do I really want to block "City and County of Denver" and "CITRIX SYSTEMS" ...(and I might need to get access to citrix's webpage....)

Shock discovery, in the lists I found from countrymen there are ... all the ISP ranges in my country, among other things. Including my own IP range, which could cause a problem, I think... but means much fewer risks as far as local enforcement are concerned.

Please advise
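
A pre-load check for the over-broad list problem described in the post above, as an added example that is not part of the original thread: it parses PeerGuardian-style `label:start-end` lines and drops any range that covers an address the server must still reach. The sample list, the addresses (documentation ranges) and the names `parse_p2p`, `audit` and `MUST_REACH` are constructed for illustration.

```python
import ipaddress

# Constructed sample in PeerGuardian "P2P" text format: "label:start-end".
SAMPLE_BLOCKLIST = """\
# constructed sample, not a real blocklist
City and County of Denver:198.51.100.0-198.51.100.255
CITRIX SYSTEMS:203.0.113.0-203.0.113.127
Example ISP pool:192.0.2.0-192.0.2.255
Some tracker:10.20.0.0-10.20.255.255
this line is malformed
"""

def parse_p2p(text):
    """Yield (label, first, last) for each valid line; skip comments and garbage."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Labels may contain ':' themselves, so split on the last colon.
        label, sep, span = line.rpartition(":")
        start, dash, end = span.partition("-")
        if not sep or not dash:
            continue
        try:
            first = ipaddress.IPv4Address(start.strip())
            last = ipaddress.IPv4Address(end.strip())
        except ValueError:
            continue
        if first <= last:
            yield label, first, last

def audit(text, must_reach):
    """Return (kept_lines, conflicts); a conflict is a range covering a must-reach IP."""
    wanted = {name: ipaddress.IPv4Address(ip) for name, ip in must_reach.items()}
    kept, conflicts = [], []
    for label, first, last in parse_p2p(text):
        hits = sorted(n for n, ip in wanted.items() if first <= ip <= last)
        if hits:
            conflicts.append((label, hits))
        else:
            kept.append(f"{label}:{first}-{last}")
    return kept, conflicts

# Hypothetical addresses that must never be blocked (own WAN IP, a needed site).
MUST_REACH = {"own WAN address": "192.0.2.77", "vendor site": "203.0.113.10"}

if __name__ == "__main__":
    kept, conflicts = audit(SAMPLE_BLOCKLIST, MUST_REACH)
    for label, hits in conflicts:
        print(f"dropped {label!r}: covers {', '.join(hits)}")
    print(f"{len(kept)} ranges kept")
```

Writing the `kept` lines back out gives a list in the same format with the conflicting ranges removed, so the filter can be loaded without cutting off the server's own range.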


knewbie_one_kenewbie
newbie


Reged: 01/25/05
Posts: 32
Loc: Paris
SOLVED [Re: knewbie_one_kenewbie]
      #103469 - 12/30/07 01:57 PM

Using MoBlock right now.

Had a post where I asked help modifying linblock.pl "disappear", no reason given...maybe because I posted linblock code ?

Anyhow, after getting linblock to work it took AGES to run.
I stopped it at 400 minutes walltime...(my rig is a Dual PIII 1GHz + 2 Gb Ram) and it seemed far from done.
It used one full cpu all this time. So I killed it </manic laughter>

Anyhow I found how to have moblock compile and run on CC4.2
almost no cpu use, background "daemon".

pm me if interested. I'll do a how to if many are interested.

Regards,
Knewbie


Steveoman
journeyman


Reged: 05/23/05
Posts: 92
Loc: Texas
Re: SOLVED [Re: knewbie_one_kenewbie]
      #104118 - 01/21/08 12:01 AM

I would love a walkthrough.

knewbie_one_kenewbie
newbie


Reged: 01/25/05
Posts: 32
Loc: Paris
Walkthrough [Re: Steveoman]
      #104121 - 01/21/08 03:44 AM

It's quite simple...(tm) 8p
The real difficulty here is that this is explained nowhere, you have to read the comments in the Makefile to understand.

first install iptables-dev or iptables-devel (I think it is the latter one)

sudo apt-get install iptables-devel

open the moblock makefile, comment (add # at the beginning of the lines) the lines mentioning ipnetqueue, uncomment the lines using libipq.

Make.

move the script generate to /usr/bin, make it executable, launch after having read the doc to download the ip list...

I hope I didn't forget anything 8)


Steveoman
journeyman


Reged: 05/23/05
Posts: 92
Loc: Texas
Re: Walkthrough [Re: knewbie_one_kenewbie]
      #104127 - 01/21/08 10:41 AM

Do I need to install any of the libnet* stuff, or does the commenting you mentioned take care of that?

Sorry, this is the first time I've had to resolve dependencies and compile and install something on Linux.


knewbie_one_kenewbie
newbie


Reged: 01/25/05
Posts: 32
Loc: Paris
Re: Walkthrough [Re: Steveoman]
      #104193 - 01/23/08 05:39 AM

no problem 8)

I don't think you will need to install any of the libnet* stuff, as the script won't be using it at all. iptables-devel should be enough (tm).

