linux poison RSS
linux poison Email

IP Filtering Program Similar to PeerGuardian for Linux - iplist

iplist is a Linux application for blocking connections to and from a specified range of hosts using the netfilter netlink-queue library. Iplist is an open source IP filtering program similar to PeerGuardian  for Linux.

Some typical reasons for using iplist are:
    * to protect your privacy
    * to ban a large number of unwanted clients
    * to block whole countries or networks
    * to block spam- and ad-servers
    * for parental control
    * network monitoring

Packets are filtered in the chains specified in IPTABLES_CHAIN_*. For each attempt to establish a new connection iplist looks at the source / destination address of the packet and decides based on the IPs in the lists whether to reject the connection (tcp-reset or icmp-port-unreachable) or to send it back to iptables to be handled by the rest of the iptables configuration. Packets in the INPUT chain are dropped by default. Nice side effects of rejecting packets rather than dropping are that there are no annoying timeouts if you try to access a blocked IP and it's hard to find out if the host which uses IPblock is online or uses a packet filter.

OpenSuSe user can use "1-click" installer to install iplist - here

After the installation if you want to open ipblock go to Applications > System >  Internet > ipblock. Once it opens you should see similar to the following screen

The default choice for lists is similar to peerguardian.

    * level1.gz - Anti-P2P organizations and known government addresses
    * ads-trackers-and-bad-pr0n.gz - Advertising and data tracker servers
    * spyware.gz - Malicious spyware and adware servers
    * edu.gz - Educational institutions and universities
    * bogon.gz - Spoofed IP-addresses

Custom p2p or dat lists can easily be added. Note that lists can optionally be compressed with gzip.These lists are maintained here

There are many more setting that you can do in "setting" tab.


DevOps said...

I got this information from -

If you think iplist doesn't work in the way it is mentioned, please let us all know about your findings.

I would be extremely delighted to publish your finds.

Anonymous said...

I installed iplist after reading your article but the GUI never came up. It asks for root password but nothing happens after that. I am using opensuse. Can you help ?

Anonymous said...

I installed iplist on openSUSE 11.1 x32_64 using the one click installer. So far it seems to be working. I need to do some additional testing when using a web or socks proxy to see if it works on those too.

Post a Comment

Related Posts with Thumbnails