01-03-2006, 12:11 PM
#1
Update&Init Script
In this thread you will find a script to run PeerGuardian automatically. This is not a new version of PeerGuardian.
Packages named peerguardian-YYYYMMDD.jre.zip are additional to peerguardnf (PeerGuardian 1.5 beta). They won't work if this isn't already installed.
The more recent package named peerguardian-cvs20060228-5-YYYYMMDD.jre.zip won't work with the old PeerGuardian 1.5 beta but depends on lestlest's PeerGuardian 1.5cvs version. The script is already part of this new deb-package so you don't have to download it anymore!
The install routine is made for Debian but might work on other systems as well, just try it. Always check if your system is still running as it ought to. I give you some hints to check if PeerGuardian is blocking in the README, but you also need to check if your firewall (if you have one) is working as it is supposed to. Firewall users have to change their rules from ACCEPT to PEERGUARDIAN!
Hi all,
I've made a new script based on my old one and other stuff from this forum, especially from JFM and /meth/usr.
Features:
- start and stop PeerGuardian
- insert/remove iptables
- update the blocklist
- unblock IPs
- supports plaintext and v2.0 binary blocklist format
- LSB compatible service control script (not really, but the beginning is done)
Attention, changed behavior since last script:
'start' doesn't update the blocklist, so your system boots faster.
Use 'reload' to update blocklist and (re-)start PeerGuardian!
Every comment/improvement is very welcome!
The script consists of the following components:
- Insert iptables
- Remove iptables
- Start PeerGuardian
  - Check if old blocklist is installed
  - Rename logfile
  - Start PeerGuardian
  - Remove iptables
  - sleep 1
  - Insert iptables
- Stop PeerGuardian
  - killall peerguardnf
  - Remove iptables
- Restart PeerGuardian
  - Stop PeerGuardian
  - sleep 4
  - Start PeerGuardian
- Force-Reload PeerGuardian
  - Update PeerGuardian
  - Restart PeerGuardian
- Reload PeerGuardian (actually the same as force-reload)
- Update PeerGuardian
  - Check if any blocklist was updated and download new ones
  - End if no blocklist needed updating
  - Else build the new blocklist
  - Unblock IPs from the blocklist
  - Install new blocklist
- Status (not implemented yet)
Happy new Year
jre
Last edited by jre : 04-01-2006 at 09:17 AM.
Reason: Updated intro and removed obsolete package.
01-05-2006, 12:58 PM
#2
Re: Update&Init Script
I've added some files to the above script:
README
INSTALL
UNINSTALL
cron.daily_peerguardian
After unzipping the package just type "./INSTALL".
Afterwards PeerGuardian will be started at every bootup and the blocklist will be updated once a day. This script is made for Debian. It starts in Runlevel 2. Customize it, if this doesn't fit for you.
That was much easier than making the script really LSB compatible 
But I think this will be a great help for new users.
Greetings
jre
Last edited by jre : 03-18-2006 at 12:39 PM.
Reason: Removed obsolete package in attachment.
01-23-2006, 08:41 AM
#6
Re: Update&Init Script
truckdiver: Never tested it on a firewall, but I think that it will work. Just try it!
I took the iptables-stuff from JFM in this thread:
http://forums.phoenixlabs.org/t9505-...rkconnect.html
iptables -I INPUT 1 -j QUEUE > /dev/null 2>&1
iptables -I FORWARD 1 -j QUEUE > /dev/null 2>&1
iptables -I OUTPUT 1 -j QUEUE > /dev/null 2>&1
This inserts the rules not only for INPUT and OUTPUT (as PeerGuardian already does) but also for FORWARD (important for firewalls, I think), and all of them always in first place.
If this doesn't work for you, just change the insert_iptables and remove_iptables sections in the script. Comment out the old entries and uncomment the previously commented-out lines there. You will then have /meth/usr's solution from here:
http://forums.phoenixlabs.org/showth...?t=7270&page=3
Please don't think that I know anything about this stuff. All that I know today is what I learned while writing this script and reading this forum. So don't trust me - test and check it yourself.
jre
01-24-2006, 02:45 AM
#8
Re: Update&Init Script
Quote:
|
Originally Posted by truckdiver
just tried it, the script works GREAT, but unfortunately it kills my firewall (firestarter) or I guess it's iptables that's killed or disabled or whatever
it's like this: I start your script, and firestarter no longer blocks anything (I've tested by having remote computers ping me and firestarter is set to block pings - but it lets the pings through)
if I stop/restart firestarter the pings are again blocked, but now peerguardian (your script) doesn't block anything :(
there must be a way to get this to work?
|
Try using -A instead of -I for the iptables insertion, like:
iptables -A INPUT -j QUEUE
instead of
iptables -I INPUT 1 -j QUEUE
I can't remember exactly, but I think the QUEUE rules accept the packet if they don't block it, without going through the rest of the rules in the chain, so putting it first in your chains may be causing trouble.
If that doesn't work, you'll need to consult someone familiar with firestarter on where to insert the rules.
BTW, nice work on the script jre
01-24-2006, 07:13 AM
#9
Re: Update&Init Script
/meth/usr: Thx. You know much is based on your work.
Please tell me, do you still use this solution for your dedicated firewall:
Code:
# change iptables rules from defaults to ones that work on a firewall
iptables -D CUSTOMFORWARD -j PEERGUARDFORWARD > /dev/null 2>&1
iptables --flush PEERGUARDFORWARD > /dev/null 2>&1
iptables --delete-chain PEERGUARDFORWARD > /dev/null 2>&1
iptables --new PEERGUARDFORWARD
iptables -D INPUT -j QUEUE
iptables -D OUTPUT -j QUEUE
iptables -A PEERGUARDFORWARD -j QUEUE
iptables -A CUSTOMFORWARD -j PEERGUARDFORWARD
Or would this work with you, too:
Code:
iptables -D INPUT -j QUEUE > /dev/null 2>&1
iptables -D FORWARD -j QUEUE > /dev/null 2>&1
iptables -D OUTPUT -j QUEUE > /dev/null 2>&1
iptables -A INPUT -j QUEUE > /dev/null 2>&1
iptables -A FORWARD -j QUEUE > /dev/null 2>&1
iptables -A OUTPUT -j QUEUE > /dev/null 2>&1
Am I right that CUSTOMFORWARD is something specific for IPCop?
If anyone has any solution for his specific system (regarding iptables and firewalls), please post it here.
jre
Last edited by jre : 01-24-2006 at 12:39 PM.
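The rule-ordering question from posts #8 and #9, as an added example that is not part of the thread: a shell function that reads a rule listing in iptables -S format and reports, per chain, how many rules sit after an unconditional QUEUE rule and how many ACCEPT rules sit ahead of it. The function names and the sample ruleset are constructed for illustration, and the check assumes, as post #8 suggests, that a packet handed to QUEUE does not continue through the rest of the chain.

```shell
#!/bin/sh
# Added example (not from the thread): report where an unconditional
# "-j QUEUE" rule sits in each chain of an `iptables -S` listing.

# Constructed sample ruleset: QUEUE inserted first in INPUT (the
# "-I INPUT 1" form) and appended last in FORWARD (the "-A" form).
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -j QUEUE
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j QUEUE
-A OUTPUT -o lo -j ACCEPT
EOF
}

# Reads `iptables -S` output on stdin and prints one line per chain:
#   skipped-after = rules placed after QUEUE; assumed not to be
#                   evaluated once the packet has been queued
#   accept-before = ACCEPT rules ahead of QUEUE; traffic they match
#                   never reaches the blocklist daemon
audit_queue_order() {
    awk '
    $1 == "-A" {
        chain = $2; target = ""
        n[chain]++
        for (i = 3; i < NF; i++) if ($i == "-j") target = $(i + 1)
        # Only a bare "-A CHAIN -j QUEUE" counts as unconditional.
        if (target == "QUEUE" && NF == 4 && !(chain in qpos)) {
            qpos[chain] = n[chain]
            next
        }
        if (chain in qpos) after[chain]++
        else if (target == "ACCEPT") before[chain]++
    }
    END {
        for (c in n) {
            if (c in qpos)
                printf "%s queue-at=%d skipped-after=%d accept-before=%d\n", c, qpos[c], after[c] + 0, before[c] + 0
            else
                printf "%s no-queue\n", c
        }
    }' | LC_ALL=C sort
}

sample_rules | audit_queue_order
```

On a live system, pipe the output of iptables -S into audit_queue_order instead of the sample; a non-zero skipped-after on INPUT matches the symptom described in the quoted post, and a non-zero accept-before marks traffic that bypasses PeerGuardian.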
All times are GMT -5.