From 6fa5f08247aef1f757f376ef12bd4a6257c124f2 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 14 Nov 2012 01:13:06 -0800 Subject: Wed Nov 14 01:13:05 PST 2012 --- pcr/moblock/MoBlock-nfq.sh.patch | 53 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 pcr/moblock/MoBlock-nfq.sh.patch (limited to 'pcr/moblock/MoBlock-nfq.sh.patch') diff --git a/pcr/moblock/MoBlock-nfq.sh.patch b/pcr/moblock/MoBlock-nfq.sh.patch new file mode 100644 index 000000000..f9136c3c7 --- /dev/null +++ b/pcr/moblock/MoBlock-nfq.sh.patch @@ -0,0 +1,53 @@ +--- MoBlock-0.8/MoBlock-nfq.sh.orig 2008-11-30 03:44:02.000000000 -0500 ++++ MoBlock-0.8/MoBlock-nfq.sh 2008-12-01 18:56:15.000000000 -0500 +@@ -3,14 +3,10 @@ + # MoBlock.sh - MoBlock start script + # --------------------------------- + +-ACTIVATE_CHAINS=1 +-WHITE_TCP_IN="" +-WHITE_UDP_IN="" +-WHITE_TCP_OUT="" +-WHITE_UDP_OUT="" +-WHITE_TCP_FORWARD="" +-WHITE_UDP_FORWARD="" ++# Some configuration options have been moved to an external conf file ++# This should make maintenance and upgrading easier + ++. /etc/moblock/config + + PIDF=/var/run/moblock.pid + +@@ -78,6 +74,17 @@ + iptables -I MOBLOCK_FW -p udp --dport $PORT -j ACCEPT + done + ++# For added IP whitelisting support ++ ++for IP in $WHITE_IP_OUT; do ++ iptables -I MOBLOCK_OUT -p all -m iprange --dst-range $IP -j ACCEPT ++done ++for IP in $WHITE_IP_IN; do ++ iptables -I MOBLOCK_IN -p all -m iprange --src-range $IP -j ACCEPT ++done ++for IP in $WHITE_IP_FW; do ++ iptables -I MOBLOCK_FW -p all -m iprange --dst-range $IP -j ACCEPT ++done + + # Loopback traffic fix + +@@ -85,7 +92,8 @@ + iptables -I OUTPUT -p all -o lo -j ACCEPT + + # Here you can change block list and log files +-./moblock -p /etc/guarding.p2p ./moblock.log ++#./moblock -p /etc/guarding.p2p ./moblock.log ++/usr/bin/moblock -p /etc/moblock/banned.list /var/log/moblock.log >/dev/null 2>&1 + + # On exit delete the rules we added + +@@ -108,3 +116,4 @@ + if [ -f $PIDF ]; then + rm $PIDF; + fi ++ -- cgit v1.2.3-54-g00ecf