 |
 |
|
|||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
|
|
Thread Tools | Display Modes |
12-07-2007, 01:21 PM
|
#1 |
 Senior Member Join Date: Sep 2005 Posts: 588 |
MoBlock Security Warning
This is a security warning for the current release MoBlock 0.8.
The bug has been solved already in the cvs source (0.9 rc2 and later) at moblock.berlios.de. E.g. the Debian packages from moblock-deb.sourceforge.net are based on the cvs source, and so are not affected by this bug. --- Just to keep you informed. Baseline: No need to panic but in some cases MoBlock won't block all IPs that it should: When you use multiple lists and ranges have to be merged then IPs which are higher than the first merged range aren't blocked. With other words: you should not "cat" together several lists (e.g. those from bluetack in .p2p format). This was the case in the Debian packages up to 0.8-32. Workaround: use a clean list. In the current debian packages I do so by using bluetack's nipfilter.dat.gz together with the moblock option "-d" for lists in the ipfilter.dat format. (You can download this list from www.bluetack.co.uk/config/[blocklistname] - but I don't want to write a clickable link here). Warning: if you use a list in ipfilter.dat instead of lists in .p2p format then you have to change the option how MoBlock loads this. ipfilter.dat: option "-d" .p2p: option "-p" You can not use both blocklist formats at the same time! See here for the history of the bug: https://sourceforge.net/tracker/inde...10&atid=825649 (The user ebutera in that thread is the upstream author. He's working on solving the bug.) greets jre
__________________
Code:
Please post your logfiles and output of commands wrapped in [ CODE ] tags. You find them in the advanced editing mode: # Author of blockcontrol, previously moblock-control. Last edited by jre : 03-26-2009 at 05:33 PM. Reason: Explained more things |
|
|
|
02-17-2008, 05:21 PM
|
#3 |
|
Senior Member Join Date: Sep 2005 Posts: 588 |
Re: MoBlock Security Warning
Yes. I've released Debian packages (0.9~rc2-1). From the changelog:
* New upstream code (0.9rc2 from CVS):Thanks to Morpheus for fixing this, the anonymous bug reporter and all who- fixed a bug in ranges merge (Closes: bug 1818886 (https://sourceforge.net/tracker/inde...0&atid=825649)* use multiple blocklists from bluetack.co.uk in peerguardian .p2p text format (option "p" instead of "d", also as new default) instead of nipfilter.dat, since the range merging bug is fixed now (same blocklists as up to 0.8-32). tried to help. I think we should keep this a sticky thread until 0.9 is officially released. Greets jre
__________________
Code:
Please post your logfiles and output of commands wrapped in [ CODE ] tags. You find them in the advanced editing mode: # Author of blockcontrol, previously moblock-control. |
|
|
|
|
«
Previous Thread
|
Next Thread
»
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT -5. The time now is 03:17 AM.
 |
 |
