pcr/moblock/MoBlock-nfq.sh.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

--- MoBlock-0.8/MoBlock-nfq.sh.orig	2008-11-30 03:44:02.000000000 -0500
+++ MoBlock-0.8/MoBlock-nfq.sh	2008-12-01 18:56:15.000000000 -0500
@@ -3,14 +3,10 @@
 # MoBlock.sh - MoBlock start script
 # ---------------------------------
 
-ACTIVATE_CHAINS=1
-WHITE_TCP_IN=""
-WHITE_UDP_IN=""
-WHITE_TCP_OUT=""
-WHITE_UDP_OUT=""
-WHITE_TCP_FORWARD=""
-WHITE_UDP_FORWARD=""
+# Some configuration options have been moved to an external conf file
+# This should make maintenance and upgrading easier
 
+. /etc/moblock/config
 
 PIDF=/var/run/moblock.pid
 
@@ -78,6 +74,17 @@
 	iptables -I MOBLOCK_FW -p udp --dport $PORT -j ACCEPT
 done
 
+# For added IP whitelisting support
+
+for IP in $WHITE_IP_OUT; do
+    iptables -I MOBLOCK_OUT -p all -m iprange --dst-range $IP -j ACCEPT
+done
+for IP in $WHITE_IP_IN; do
+    iptables -I MOBLOCK_IN -p all -m iprange --src-range $IP -j ACCEPT
+done
+for IP in $WHITE_IP_FW; do
+    iptables -I MOBLOCK_FW -p all -m iprange --dst-range $IP -j ACCEPT
+done
 
 # Loopback traffic fix
 
@@ -85,7 +92,8 @@
 iptables -I OUTPUT -p all -o lo -j ACCEPT
 
 # Here you can change block list and log files
-./moblock -p /etc/guarding.p2p ./moblock.log
+#./moblock -p /etc/guarding.p2p ./moblock.log
+/usr/bin/moblock -p /etc/moblock/banned.list /var/log/moblock.log >/dev/null 2>&1
 
 # On exit delete the rules we added
 
@@ -108,3 +116,4 @@
 if [ -f $PIDF ]; then	
 	rm $PIDF;
 fi
+