iplist allows users with no or basic knowledge of iptables to filter (e.g. to block) network traffic based on (automatically updated) lists. These lists have various formats and are sorted by different categories (e.g. countries, adware, corporations).
- to protect your privacy while sharing with others
- to ban unwanted clients from servers
- to block whole countries or networks
- to block spam- and ad-servers
ipblock is part of the iplist package which can be downloaded from here
Download ipblock using the following command
wget http://puzzle.dl.sourceforge.net/sourceforge/iplist/iplist_0.14-0feisty1_i386.deb
Prerequisites
iplist requires a 2.6.14 kernel or later with the option CONFIG_NETFILTER_XT_TARGET_NFQUEUE enabled (module or build-in). On a standard Debian installation (Etch) the additional packages libnetfilter-queue1 and libnfnetlink1 are needed.
sudo aptitude libnetfilter-queue1 libnfnetlink1 sun-java6-jre
If you are installing gusty install this package libnfnetlink0 (gutsy) instead of libnfnetlink1
Now we have .deb package we need to install this using the following comamnd
sudo dpkg -i iplist_0.14-0feisty1_i386.deb
This will install all the required packages for ipblock.
After the installation if you want to open ipblock go to Applications -> Internet -> ipblock.Once it opens you should see similar to the following screen
Lists Tab
The default choice for lists is similar to peerguardian.
- level1.gz - Anti-P2P organizations and known government addresses
- ads-trackers-and-bad-pr0n.gz - Advertising and data tracker servers
- spyware.gz - Malicious spyware and adware servers
- edu.gz - Educational institutions and universities
- bogon.gz - Spoofed IP-addresses
Custom p2p or dat lists can easily be added. Note that lists can optionally be compressed with gzip.These lists are maintained here
Settings Tab
All options can be configured in this tab. Auto-updating lists is important and the default choice of 2 days is reasonable. Using out-of-date lists is not recommended.
To ignore specific network traffic like HTTP or EMAIL (pop3) use the ignored ports section.
0 comments:
Post a Comment