Old 08-05-2005, 06:23 AM   #21
JFM
 
Public Relations
Join Date: Sep 2005
Location: Kent, UK
Country: United Kingdom
Posts: 2,501

killall peerguardnf works for me, without -9

that init script is a very good idea :)
__________________
Joseph Farthing
Public Relations

 
Old 08-05-2005, 10:57 AM   #22


oops, i didn't explain it right. when i kill it manually with its pid it works, but when i try to kill it with the init script, e.g. /etc/init.d/peerguardnf stop, which is a killall call, something gets broken - but not always. i also tried it with a renamed script, so that it cannot kill itself, didn't help. it seems the only way for me to kill it in a clean way is doing it manually with the pid. strange situation. unfortunately pg seems to have a startup routine that spawns the real pg process, so one cannot use a pid file, right?

 
Old 08-23-2005, 04:34 AM   #23

scripts I'm using...

Improved from JFM's suggestions before, here's what I'm using for an update script...
Most notably, it only downloads new blocklists when they're updated,
so it doesn't waste bandwidth needlessly, and doesn't hurt blocklist.org
much to check.
It also only restarts peerguardian if an update took place, which leaves the
computer unprotected for a minimal amount of time and doesn't slam the
processor unnecessarily on weak firewall boxes.

Code:
#!/bin/sh
#
#  Copyright (C) 2005 /meth/usr
#
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

# peerguardianupdate

# Make sure PG_ETC points to the directory where
# you want to put your downloaded blocklists.
# Remove the lists you don't want to download and
# use from BLOCKLISTS.

PG_ETC=/etc/peerguardian/
BLOCKLISTS="ads edu gov p2p spy"

endscript () {
  date +"------------ "%F"  "%X" "%Z"   End PeerGuardian update"
  exit $1
}

date +"------------ "%F"  "%X" "%Z"   Begin PeerGuardian update"

# stop here if the directory is missing, so the rm below cannot run elsewhere
cd "$PG_ETC" || endscript 1

UPDATED=""
for i in $BLOCKLISTS ; do
  TIMESTAMP=0
  if [ -e $i.p2b.gz ] ; then
    TIMESTAMP=`stat --format=%y $i.p2b.gz`
    echo "File $i.p2b.gz last updated $TIMESTAMP"
    TIMESTAMP=`stat --format=%Y $i.p2b.gz`
  fi
  wget -N http://blocklist.org/$i.p2b.gz
  # the file can still be missing if the very first download failed
  if [ -e $i.p2b.gz ] && [ `stat --format=%Y $i.p2b.gz` -gt $TIMESTAMP ] ; then
    UPDATED=$i
  fi
done

# if none of the blockfiles were updated,
# then just exit
if [ -z $UPDATED ] ; then
  echo "No blocklists needed updating."
  endscript 0
fi

rm -f *.p2p > /dev/null 2>&1
for i in $BLOCKLISTS ; do
  gunzip -c $i.p2b.gz > $i.p2b
  peerguardnf -n $i.p2b
  rm $i.p2b
  BLOCKLISTSCAT="$BLOCKLISTSCAT $i.p2b.p2p"
done
cat $BLOCKLISTSCAT | peerguardnf -f merged.p2b.p2p
for i in $BLOCKLISTS ; do
  rm $i.p2b.p2p
done

# uncomment below to unblock Yahoo! Mail and whatever else needs unblocking here
#grep -v -i "yahoo\!" merged.p2b.p2p | grep -v -i "spite media" | grep -v "Trendstep Ltd" > merged.p2b.p2p.tmp
#mv merged.p2b.p2p.tmp merged.p2b.p2p

/usr/local/bin/restartpg

endscript 0

I put it in fcrontab to run a minute after startup and every 6 hours.
It also outputs to a log file:

Code:
# Refresh PeerGuardian's blocklist
@first(1) 6h peerguardianupdate >> /path/to/your/peerguardianupdate.log 2>&1

and the restart script (adjust paths as necessary):

Code:
#!/bin/sh
#
#  Copyright (C) 2005 /meth/usr
#
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

PG_CONF=/etc/peerguardian.conf
PG_LOG=/var/log/peerguardian.log
killall peerguardnf > /dev/null 2>&1
sleep 4
peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
sleep 1
# change iptables rules from defaults to ones that work on a firewall
iptables -D CUSTOMFORWARD -j PEERGUARDFORWARD > /dev/null 2>&1
iptables --flush PEERGUARDFORWARD > /dev/null 2>&1
iptables --delete-chain PEERGUARDFORWARD > /dev/null 2>&1

iptables --new PEERGUARDFORWARD
iptables -D INPUT -j QUEUE
iptables -D OUTPUT -j QUEUE
iptables -A PEERGUARDFORWARD -j QUEUE
iptables -A CUSTOMFORWARD -j PEERGUARDFORWARD

exit 0

...the restart script is written for using peerguardian on a dedicated firewall.
Use the restart script from an rc file to get it up and running at system startup.

Then everything works fully automated (as it should)

enjoy!

 
Old 08-23-2005, 12:55 PM   #24
JFM
 
Public Relations
Join Date: Sep 2005
Location: Kent, UK
Country: United Kingdom
Posts: 2,501

very nice work, i'll try these out later tonight :D
__________________
Joseph Farthing
Public Relations

 
Old 08-25-2005, 05:16 AM   #25

old .gz blocklists gone on blocklist.org

Hi People,

Today I realised that all the old .gz blocklists are gone on blocklist.org because methlabs has put a beta of the new blocklist.org.

So at the moment the only blocklist I can download are the ones which the peerguardian2 for windows also uses which are located in:
http://lists.blocklist.org/ads.7z
http://lists.blocklist.org/edu.7z
http://lists.blocklist.org/gov.7z
http://lists.blocklist.org/p2p.7z
http://lists.blocklist.org/spy.7z

I also found a linux port of 7zip which extracts the .p2b files but peerguardnf complains about errors when converting them to .p2p.

Does anyone have an idea on how to fix this?

That would be great cause at the moment I can't update my lists anymore

 
Old 08-25-2005, 05:49 AM   #26
JFM
 
Public Relations
Join Date: Sep 2005
Location: Kent, UK
Country: United Kingdom
Posts: 2,501

I'm trying to sort this asap
__________________
Joseph Farthing
Public Relations

 
Old 08-25-2005, 06:35 AM   #27
JFM
 
Public Relations
Join Date: Sep 2005
Location: Kent, UK
Country: United Kingdom
Posts: 2,501

the gz lists will be returned shortly, i suggest you don't update for a couple of days

we just forgot to move them, that's all, once the daily update from the ipdb is working gz lists will be made with p2b v2 and 7z lists will be made with p2b v3

gz lists are also used by emule users, so good to do this.. :)
__________________
Joseph Farthing
Public Relations

 
Old 08-26-2005, 02:00 AM   #28

peerguardnf no longer able to convert lists

Well, the lists are back online, but now a new problem appeared. When I try to convert any of the new .gz lists I get the message:
unknown p2b versioninvalid p2b streamfile saved as ./custom_blocklists/ads.p2b.p2p
This is exactly the same error I got with the .7z lists I tried yesterday, cause I was able to download and extract them as well, but they too give the same error. When I look at the created .p2p files they seem to have only partial host names or garbage in each line. So only changing the version check in peerguardnf will not do the trick.
Does anyone know how to correct this? Maybe supply a patch or point out what lines to change in which file before compiling peerguardnf? That would be really great!

 
Old 09-08-2005, 10:38 AM   #29

Script and installation instructions

I took /meth/usr's script, had some days of learning how some things work and made a script for easily handling PeerGuardian. Since all this took me much time, I will tell you how I install it and get it working automatically on my Debian machine.
I think that's useful for newbies.
jre

Features:
- This script only downloads new blocklists (traffic saving)
- has three options: start, stop and restart
- allows you to easily manage which blocklists are downloaded
- allows you to have unblocked IPs
- makes a backup of the old blocklist
- makes a backup of the log file and starts a new one, so the log stays small
- ...
- and is very easy to handle because it's just one file

Installation:
Save the script-text as a file called peerguardian.sh
In the console change to the directory where you have just saved the file and type (as root):
Code:
cp peerguardian.sh /usr/local/bin
mkdir /etc/peerguardian

In Debian, this way the ownership and file permissions are set to "-rwxr-xr-x 1 root staff". (It's important that the script is executable (x); you can do this with chmod.)

You can now handle PeerGuardian by just typing (as root) in a console one of the following commands:
Code:
peerguardian.sh start

If updates for the blocklists are available, they are updated, the old blocklist and the log file are backed up, and PeerGuardian is started.

Code:
peerguardian.sh restart

If updates for the blocklists are available, they are updated, the old blocklist and the log file are backed up, old PeerGuardian processes are killed, and after 4 seconds PeerGuardian is started again.

Code:
peerguardian.sh stop
PeerGuardian is stopped.


To automatically start PeerGuardian at bootup type the following (as root in the console):
Code:
ln -s /usr/local/bin/peerguardian.sh /etc/init.d/peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc0.d/K20peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc2.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc3.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc4.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc5.d/S95peerguardian.sh
ln -s /etc/init.d/peerguardian.sh /etc/rc6.d/K20peerguardian.sh

To automatically update the already running PeerGuardian use cron. In my example it updates every day at 4:37 AM. Type as root in the console:
Code:
crontab -u root -e
Now you're in an editor, insert here the next two lines (one line text and one free line) and save the file:
Code:
37 4 * * * /usr/local/bin/peerguardian.sh restart

And here is the Script:
Code:
#!/bin/sh
# Update new blocklists and start/stop/restart PeerGuardian
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# testdescription
#
# Make sure PG_ETC points to the directory where
# you want to put your downloaded blocklists.
# Remove the lists you don't want to download and
# use from BLOCKLISTS.

PG_ETC=/etc/peerguardian/
BLOCKLISTS="ads p2p spy phishing bogon"
#BLOCKLISTS="ads edu gov p2p spy phishing bogon"
PG_CONF=/etc/PG.conf
PG_LOG=/var/log/PG.log
PG_LIST=/etc/p2p.p2b.p2p

endscript () {
date +"------------ "%F" "%X" "%Z" End PeerGuardian Script"
exit $1
}

date +"------------ "%F" "%X" "%Z" Begin PeerGuardian $1"

case "$1" in
'start')
	# stop here if the directory is missing, so the rm below cannot run elsewhere
	cd "$PG_ETC" || endscript 1

	# check if blockfiles were updated:
	UPDATED=""
	for i in $BLOCKLISTS ; do
	TIMESTAMP=0
	if [ -e $i.p2b.gz ] ; then
	TIMESTAMP=`stat --format=%y $i.p2b.gz`
	echo "File $i.p2b.gz last updated $TIMESTAMP"
	TIMESTAMP=`stat --format=%Y $i.p2b.gz`
	fi
	wget -N http://blocklist.org/$i.p2b.gz
	# the file can still be missing if the very first download failed
	if [ -e $i.p2b.gz ] && [ `stat --format=%Y $i.p2b.gz` -gt $TIMESTAMP ] ; then
	UPDATED=$i
	fi
	done
	
	# if none of the blockfiles were updated:
	if [ -z $UPDATED ] ; then
	echo "No blocklists needed updating."
	echo "Starting PeerGuardian"
	mv $PG_LOG $PG_LOG.backup
	peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
	endscript 0
	fi

	# if any blockfiles were updated:
	rm -f *.p2p > /dev/null 2>&1
	for i in $BLOCKLISTS ; do
	gunzip -c $i.p2b.gz > $i.p2b
	peerguardnf -n $i.p2b
	rm $i.p2b
	BLOCKLISTSCAT="$BLOCKLISTSCAT $i.p2b.p2p"
	done
	cat $BLOCKLISTSCAT | peerguardnf -f merged.p2b.p2p
	for i in $BLOCKLISTS ; do
	rm $i.p2b.p2p
	done

	# uncomment below to unblock Yahoo! Mail and whatever
	# else needs unblocking here. Do this also in the
	# restart section.
	#grep -v -i "yahoo\!" merged.p2b.p2p | grep -v -i "spite media" | grep -v "Trendstep Ltd" > merged.p2b.p2p.tmp
	#mv merged.p2b.p2p.tmp merged.p2b.p2p

	mv $PG_LIST $PG_LIST.backup
	mv merged.p2b.p2p $PG_LIST
	mv $PG_LOG $PG_LOG.backup
	echo "Starting PeerGuardian"
	peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
	endscript 0
	;;
'stop')
	echo "Stopping PeerGuardian"
	killall peerguardnf > /dev/null 2>&1
	endscript 0
	;;
'restart')
	# stop here if the directory is missing, so the rm below cannot run elsewhere
	cd "$PG_ETC" || endscript 1

	# check if blockfiles were updated:
	UPDATED=""
	for i in $BLOCKLISTS ; do
	TIMESTAMP=0
	if [ -e $i.p2b.gz ] ; then
	TIMESTAMP=`stat --format=%y $i.p2b.gz`
	echo "File $i.p2b.gz last updated $TIMESTAMP"
	TIMESTAMP=`stat --format=%Y $i.p2b.gz`
	fi
	wget -N http://blocklist.org/$i.p2b.gz
	# the file can still be missing if the very first download failed
	if [ -e $i.p2b.gz ] && [ `stat --format=%Y $i.p2b.gz` -gt $TIMESTAMP ] ; then
	UPDATED=$i
	fi
	done
	
	# if none of the blockfiles were updated:
	if [ -z $UPDATED ] ; then
	echo "No blocklists needed updating."
	echo "Stopping PeerGuardian"
	killall peerguardnf > /dev/null 2>&1
	mv $PG_LOG $PG_LOG.backup
	sleep 4
	echo "Starting PeerGuardian"
	peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
	# done; without this the script falls through and rebuilds the lists anyway
	endscript 0
	fi

	# if any blockfiles were updated:
	rm -f *.p2p > /dev/null 2>&1
	for i in $BLOCKLISTS ; do
	gunzip -c $i.p2b.gz > $i.p2b
	peerguardnf -n $i.p2b
	rm $i.p2b
	BLOCKLISTSCAT="$BLOCKLISTSCAT $i.p2b.p2p"
	done
	cat $BLOCKLISTSCAT | peerguardnf -f merged.p2b.p2p
	for i in $BLOCKLISTS ; do
	rm $i.p2b.p2p
	done

	# uncomment below to unblock Yahoo! Mail and whatever
	# else needs unblocking here. Do this also in the
	# start section.
	#grep -v -i "yahoo\!" merged.p2b.p2p | grep -v -i "spite media" | grep -v "Trendstep Ltd" > merged.p2b.p2p.tmp
	#mv merged.p2b.p2p.tmp merged.p2b.p2p

	echo "Stopping PeerGuardian"
	killall peerguardnf > /dev/null 2>&1
	mv $PG_LIST $PG_LIST.backup
	mv merged.p2b.p2p $PG_LIST
	mv $PG_LOG $PG_LOG.backup
	sleep 4
	echo "Starting PeerGuardian"
	peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
	endscript 0
	;;
*)
	echo "Usage: $0 { start | stop | restart }"
	;;
esac
exit 0
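An added example, not code from any poster in this thread: a check the update scripts above could run before swapping in a freshly converted list, so that output like the damaged .p2p files reported in post #28 is rejected and the previous list stays in place. It assumes the .p2p text format is one `description:start_ip-end_ip` range per line; the function names and the 99% threshold are illustrative.

```sh
#!/bin/sh
# Added example: vet a converted .p2p list before it replaces the active one.
# Assumption: one range per line, "description:start_ip-end_ip".
# count_valid_ranges FILE -> prints the number of well-formed range lines
count_valid_ranges() {
  awk '
    function ipnum(ip,   n, p, k, v) {      # dotted quad -> number, -1 if bad
      n = split(ip, p, "."); v = 0
      if (n != 4) return -1
      for (k = 1; k <= 4; k++) {
        if (p[k] !~ /^[0-9]+$/ || p[k] + 0 > 255) return -1
        v = v * 256 + p[k]
      }
      return v
    }
    {
      sub(/\r$/, "")
      at = match($0, /:[0-9.]+-[0-9.]+$/)   # range follows the last colon
      if (at < 2) next                      # no range, or empty description
      split(substr($0, at + 1), r, "-")
      lo = ipnum(r[1]); hi = ipnum(r[2])
      if (lo >= 0 && hi >= lo) ok++
    }
    END { print ok + 0 }' "$1"
}

# install_blocklist NEW ACTIVE [MIN_RANGES] -> 0 if installed, 1 if rejected
install_blocklist() {
  new=$1 active=$2 min=${3:-1}
  [ -s "$new" ] || { echo "reject: $new missing or empty" >&2; return 1; }
  total=$(grep -c '' "$new")
  valid=$(count_valid_ranges "$new")
  # demand a minimum size and at least 99% parseable lines
  if [ "$valid" -lt "$min" ] || [ $((valid * 100)) -lt $((total * 99)) ]; then
    echo "reject: only $valid of $total lines valid in $new" >&2
    return 1
  fi
  if [ -f "$active" ]; then cp -p "$active" "$active.backup"; fi
  mv -f "$new" "$active"    # a rename within one filesystem is atomic
}

# Constructed sample data: a sane list and a damaged one.
demo() {
  d=$(mktemp -d) || return 1
  printf '%s\n' 'Example Ads:10.1.0.0-10.1.255.255' > "$d/active"
  printf '%s\n' 'Example Ads:10.1.0.0-10.1.255.255' 'xample Sp' 'y:300.1.2.3-1.2' > "$d/bad"
  printf '%s\n' 'Example Ads:10.1.0.0-10.1.255.255' \
    'Lab: east:192.0.2.16-192.0.2.31' > "$d/good"
  if install_blocklist "$d/bad" "$d/active"; then r1=installed; else r1=rejected; fi
  if install_blocklist "$d/good" "$d/active"; then r2=installed; else r2=rejected; fi
  echo "bad=$r1 good=$r2 active_ranges=$(count_valid_ranges "$d/active")"
  rm -rf "$d"
}
demo
```

In the scripts above, `install_blocklist merged.p2b.p2p "$PG_LIST" || endscript 1` would take the place of the two `mv` lines that back up and replace `$PG_LIST`. Because the lists are fetched over plain HTTP, this is a sanity check on format, not proof of where the data came from.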

 
Old 10-26-2005, 10:51 AM   #30
b0x3r

Member
Join Date: Oct 2005
Country: England
Posts: 5
Re: Peerguardian Daemon/Gui Installations & Update Script

Interesting Scripts. I am about to install Slackware 10.2 on a Server. Any help on installing PG Linux would be appreciated.