IPLIST

From Hurlster Wiki
Jump to navigation Jump to search

Prerequisite /etc/apt/sources.list.d/iplist.list 

#sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com \ 
#C6E3D905C8BCD56BB02E6E0B39456311108B243F
deb http://ppa.launchpad.net/ssakar/ppa/ubuntu lucid main # disabled on upgrade to lucid
deb-src http://ppa.launchpad.net/ssakar/ppa/ubuntu lucid main # disabled on upgrade to lucid

apt-get install iplist

ipblock.conf 

#-----------------------------------General-----------------------------------
# start ipblock at boot time, used by ipblock.init
AUTOSTART="Yes"

# Verbose log and iplist output
VERBOSE="No"

# filtered (build-in iptables) chains, values: INPUT FORWARD OUTPUT
IPTABLES_CHAIN_BLOCK="INPUT OUTPUT"
IPTABLES_CHAIN_ALLOW="INPUT OUTPUT"

# directory where lists are stored
IPLIST_LISTDIR="/var/cache/iplist"

# Use less memory by disabling BLOCK_LIST_* options, as a result only
# one queue is used for all 3 chains
LESS_MEMORY="Yes"

#------------------------------------Lists------------------------------------
# list names can be relative if files are in IPLIST_LISTDIR

BLOCK_LIST="level1.gz level2.gz ads-trackers-and-bad-pr0n.gz"
BLOCK_LIST_INPUT=""
BLOCK_LIST_OUTPUT=""
BLOCK_LIST_FORWARD=""

# only lists in p2p format are supported
ALLOW_LIST=""
ALLOW_LIST_INPUT="allow-perm.p2p allow-temp.p2p"
ALLOW_LIST_OUTPUT="allow-perm.p2p allow-temp.p2p"
ALLOW_LIST_FORWARD=""

#---------------------------------Ignored Ports-------------------------------

IGN_TCP_OUTPUT="1:1024 1337 1900 3260 3306 3689:3690 6600 5353 8080:8800"
IGN_UDP_OUTPUT="1:1024"

IGN_TCP_INPUT="21 22 80 443 1900 1337 3260 3306 3689:3690 5353 6600 8800"
IGN_UDP_INPUT="53 69 123 514 161 3306 3689 5353 5060 10000:20000 3260"

IGN_TCP_FORWARD=""
IGN_UDP_FORWARD=""

#-------------------------------Ignored Protocols-----------------------------

IGN_PROTO_INPUT="icmp"
IGN_PROTO_OUTPUT="icmp"
IGN_PROTO_FORWARD=""

#-------------------------------------Log-------------------------------------

LOG_FILE="/tmp/ipblock.log"

# value: all | match | none
LOG_LEVEL="match"

# Use LOG target of iptables (syslog) for blocked packets
LOG_IPTABLES="No"

#-----------------------------------Update------------------------------------

# URL of lists, for updating
URL_FILE="/etc/ipblock.lists"

# values "" or "0" disable update, used by ipblock.cron and GUI
# value: number of days
UPDATE_INTERVAL="1"

# proxy to use for updating, e.g. http_proxy="127.0.0.1:8118"
http_proxy=""

UPDATE_STAMP="/var/cache/iplist/.update-stamp"

#-------------------------------------GUI-------------------------------------

# start GUI minimized if systray is supported
GUI_START_HIDDEN="No"

# autoscroll log
GUI_AUTOSCROLL="Yes"

# Look and Feel, values: System, Default, Gtk
GUI_THEME="Gtk"

# Whitelists used by the GUI, these need to be set in ALLOW_LIST
GUI_WHITELIST_PERM="/var/cache/iplist/allow-perm.p2p"
GUI_WHITELIST_TEMP="/var/cache/iplist/allow-temp.p2p"
Retrieved from "https://hurlster.com/wiki/index.php?title=IPLIST&oldid=2417"