jre, you were right.moblock is up and running.the only problem left is that i see useless messages in my /var/log/message file when moblock denies a packet:

for the rest it works like a charm. Later this evening I'll post the howto + link to the modified scripts. A you will see, I had to change a bunch of paths in there and couple of functions.

Thanks,
Dino

Grats. And I hope I can integrate all your changes.

I don´t have these messages in /var/log/messages. But is everything working? Does "blockcontrol test" work? And do you still have internet access with moblock running?

__________________
Maintainer of http://moblock-deb.sourceforge.net: MoBlock, mobloquer, blockcontrol and NFBlock Debian packages.
Author of blockcontrol, previously moblock-control.

jre, my outgoing connections are not working except for the port exceptions I have defined. So the blockcontrol test is unable to ping to a host address. Where do i have to whitelist my own nas address?

In my post on the Synology forum, I have a iptables -L -nv dump. could you have a look?

http://forum.synology.com/enu/viewto...p=70227#p70227

Thanks again,
Dino

The iptables look ok on a first glance. I´ll have a detailed look on your changes later. You should hint people to the fact that they have to "blockcotnrol update" manually, because you don´t have the cron.daily job.

Whitelisting IPs:
- Either IP ranges in (/etc/blockcontrol/)allow.p2p
- or IPs in blockcotnrol.conf

__________________
Maintainer of http://moblock-deb.sourceforge.net: MoBlock, mobloquer, blockcontrol and NFBlock Debian packages.
Author of blockcontrol, previously moblock-control.

hmmm, I did put my lan address already into the conf. file. I'll try tonight to put it in allow.p2p

just keep a look on moblock.log to see what was blocked.

__________________
Maintainer of http://moblock-deb.sourceforge.net: MoBlock, mobloquer, blockcontrol and NFBlock Debian packages.
Author of blockcontrol, previously moblock-control.

started revisiting your package:

• There´s no need to ship a separate init-functions. They are included in blockcontrol.lib. If LSB is not found blockcotnrol will use those internal ones.
• Was specifying /opt/(s)bin in PATH not enough to get the external applications working!? (e.g. is it really necessary to /opt/sbin/iptables, when you have PATH="/opt/bin:/opt/sbin:/usr/bin:/bin:/sbin:/usr/sbin"
  

__________________
Maintainer of http://moblock-deb.sourceforge.net: MoBlock, mobloquer, blockcontrol and NFBlock Debian packages.
Author of blockcontrol, previously moblock-control.

Hi jre, it's a long time I've been inactive on porting the blockcontrol scripts to a synoogy diskstation, but yesterday I've changed the latest blockcontrol scripts 1.6.9 to work on a synology. The main things I've changed are the paths to the different scripts.

Some remarks:
* as you can see, I've removed all prefixes to the binaries since the order of the paths are handling this
* main problems:

- built in LSB: pidof on busybox doesn't recognize the -o and -x parameter, those parameters are removed. I do not have any clue how this affects the correct behaviour of blockcontrol
- built in LSB: although busybox should recognize the -exec/-start parameter of the start-stop-daemon binary it is not working. I had to change this to -e/-S which work well.
- not using the following scripts: cron.daily/if-up/init/logrotate
- using a custom made script (moblock.sh) to insert the kernel modules and startup blockcontrol

Could you give me some explanation what logrotate is doing and howto use it?

Attached the modified blockcontrol scripts. It would be great if you could make the paths variable in the main scripts so that it can be easily ported to a diskstation. A lot of users are asking to get moblock up and running, but it's hard for me to change it every time. Could you please also check if the above parameter adjustments are screwing up the scripts?

PS: for some reason I get a upload failed when I try to attache the adjusted scripts. Can you tell me how to deliver those to you?

Thank you,
Dino

First off, we moved on with development: blockcontrol is now pglcmd and nfblock (based on moblock) is pgld. I´m going to greatly improve the Makefile for these (in the next weeks ...), so that you don´t have to adjust paths in the single files.

Your upload problem: probably the file suffix was not allowed - e.g. you may pack them as gz. Also please tell me what version you changed exactly, or even better: send patches. You may also mail me:
jre-phoenix
at users.sourceforge.net


When I´ve seen the built-inb LSB changes I´ll try to implement them here.

Why did you use a custom script to insert the kernel modules? Please send it, I want to implement that, too, if necessary.

logrotate is a config script for, err, logrotate. E.g. the logrotate config file from blockcontrol is placed in /etc/logrotate.d/blockcontrol. Then the logrotate utility fires up daily, and moves the current /var/log/blockcontrol.log to /var/log/blockcontrol.log.1.
At the same time blockcontrol.log.1. gets blockcontrol.log.2.gz (so it gets compressed), and so on up to blockcontrol.log.12.gz. So this is a utility to keep logfiles small and archive them for some time.

__________________
Maintainer of http://moblock-deb.sourceforge.net: MoBlock, mobloquer, blockcontrol and NFBlock Debian packages.
Author of blockcontrol, previously moblock-control.