PeerGuardian is a firewall for Peer to Peer software (i.e. BitTorrent) blocking bad peers.
This howto is tested on:
- Debian 10.0 Buster
This howto is tested with these versions of the software:
- 2.3.1
Requirements
This howto recommends :
Installation
Detect if sudo is available (“command” is used if not):
cmdProxy='command'
command type -f 'sudo' &>'/dev/null' && cmdProxy='sudo'
Install the software’s requirements:
${cmdProxy} apt install 'gnupg'
Setup the software repository:
${cmdProxy} tee '/etc/apt/sources.list.d/moblock-deb.list' \
<<< '# Moblock & PeerGuardian for Debian Stretch and newer.
deb http://moblock-deb.sourceforge.net/debian stretch main
deb-src http://moblock-deb.sourceforge.net/debian stretch main'
Fetch the repository signing key:
${cmdProxy} apt-key adv --keyserver 'hkp://keyserver.ubuntu.com:80' \
--recv-keys 'C0145138'
Update the list of available packages:
${cmdProxy} apt update
Install the software:
callChain=("DEBIAN_FRONTEND=noninteractive" "${cmdProxy}")
test "${cmdProxy}"='sudo' && callChain=('sudo' "DEBIAN_FRONTEND=noninteractive")
${callChain[@]} apt install 'pgld' 'pglcmd'
Configuration
Install a completer block lists configuration:
${cmdProxy} wget --quiet --output-document='/etc/pgl/blocklists.list' \
'https://raw.githubusercontent.com/biapy/howto.biapy.com/master/torrent/blocklists.list'
Detect the ports used by vsFTPd passive mode, if needed:
ftpPassiveRange=""
if [ -e '/etc/vsftpd.conf' ]; then
minPort=$(command grep '^pasv_min_port=' '/etc/vsftpd.conf' \
| command cut --delimiter="=" --fields=2)
maxPort=$(command grep '^pasv_max_port=' '/etc/vsftpd.conf' \
| command cut --delimiter="=" --fields=2)
[[ -n "${minPort}" -a -n "${maxPort}" ]] && ftpPassiveRange="${minPort}:${maxPort}"
fi
Disable blockcontrol for HTTP, HTTPS and SSH (and FTP passive) ports:
${cmdProxy} tee -a '/etc/pgl/pglcmd.conf' \
<<< "WHITE_TCP_OUT=\"http https ssh ftp ${ftpPassiveRange}\"
WHITE_TCP_IN=\"http https ssh ftp ${ftpPassiveRange}\""
Reload the PGL settings:
${cmdProxy} systemctl reload 'pgl'
White list management
Install the tool :
${cmdProxy} wget "https://raw.githubusercontent.com/biapy/howto.biapy.com/master/torrent/pgl-tools" \
--quiet --no-check-certificate --output-document="/usr/local/bin/pgl-tools"
Declare the downloaded file as executable:
${cmdProxy} chmod +x "/usr/local/bin/pgl-tools"
Automatic updates
Configure biapy-updater automatic updates to check for new versions of the software:
${cmdProxy} tee -a '/etc/biapy-updater.conf' <<< 'pgl-tools'
Usage
Add a Torrent tracker to the PGL’s white list (here for openbittorrent):
${cmdProxy} pgl-tools --add 'tracker.openbittorrent.com'
A line for the added whitelisted host is added in “/etc/pgl/allow.p2p”.
Reload the PGL settings:
${cmdProxy} systemctl reload 'pgl'
Thanks
- Thanks to MoBlock (de) developers.
- Thanks to PeerGuardian Linux (en) developers.
0 Comments