MoBlock for Arch64

tony5429 · 2008-02-17 22:46:27

I am looking for a MoBlock/PeerGuardian solution for my arch64 system. The MoBlock package in AUR requires libnetfilter_queue. So I downloaded the libnetfilter_queue pkgbuild (also from aur) and tried to issue a makepkg but got an error saying that it didn't have 64-bit support... Any ideas anyone? If there is another app out there that can do the same thing as MoBlock and Peerguardian, but can work on arch64, please let me know. Thanks!

fwojciec · 2008-02-17 23:00:26

http://aur.archlinux.org/packages.php?d … s=0&SeB=nd
See my comment in the comments section for a PKGBUILD that works on 64bit machines (second comment from the top). Let me know if you run into problems -- I'll try to help.

tony5429 · 2008-02-17 23:24:48

Hrm... I downloaded the tarball there, unextracted it to a folder, and replaced the patch and pkgbuild inside it with your two files. It seems I still need the libnetfilter_queue, which requires 32-bit afaik...

[karam@vladimir moblock]$ makepkg
==> Making package: moblock 0.8-9  (Sun Feb 17 18:21:28 EST 2008)
==> Checking Runtime Dependencies...
==> Missing Dependencies:
  -> libnetfilter_queue
==> Checking Buildtime Dependencies...
==> ERROR: Could not resolve all dependencies.

fwojciec · 2008-02-17 23:28:50

Just edit the libnetfilter_queue PKGBUILD and make sure that the arch= line looks like this: arch=('i686' 'x86_64'). That should do it.

Last edited by fwojciec (2008-02-17 23:29:11)

tony5429 · 2008-02-18 00:12:13

Thanks!! I installed it (with your fixed pkgbuilds and extra moblock patch), added @moblock to /etc/rc.conf, uncommented some of the methlabs lists in /usr/bin/moblock-update, ran moblock-update, and rebooted my system. I think it is working now... but I am wondering though... is there a way I can check to see if it is working, or a log somewhere where I can see IP's which have been blocked??

Last edited by tony5429 (2008-02-18 00:33:24)

fwojciec · 2008-02-18 00:48:05

First you have to run "/etc/rc.d/moblock update" (as root) to download the block lists, after that restart moblock. To see if it's running you can do "pidof moblock". To see if it's blocking you can have a look in /etc/moblock/banned.list, pick an IP from the ones listed there and try to ping it with something like "ping -c1 [IP address here]". If the returned message says "100% packet loss" that means that moblock is working.

By the way -- I wouldn't put moblock in rc.conf. When you run it for the first time on 2.6.23 (or later) kernels it fails; after it fails you have to stop it and then start it again to actually get it to start properly (it's a known bug that is not fixed yet). It's better to start it manually when you need it, IMO. I actually use a little script to turn it on and off:

#!/bin/sh
if [ -f /var/run/moblock.pid ]; then
    echo Stopping Moblock
    sudo /etc/rc.d/moblock stop
else
    echo Starting Moblock
    sudo /etc/rc.d/moblock start
fi

While I'm at it... It's probably a good idea to manually edit the /usr/bin/MoBlock-nfq.sh file and to whitelist "http" and "https" (at the very least) in the "WHITE_TCP_OUT=" line -- otherwise you'll have problems opening some pages when moblock is running. Mine looks like this:

WHITE_TCP_OUT="http https ftp svn"

tony5429 · 2008-02-18 01:22:41

first off, thank you very much - you are being extremely helpful and I greatly appreciate it.

I went ahead and changed my WHITE_TCP_OUT to "http https ftp". Then I re-ran moblock-update and rebooted. Then I did this...

[root@vladimir karam]# /var/run/moblock.pid
bash: /var/run/moblock.pid: No such file or directory
[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                                                                                                                                                                                  [DONE]
[root@vladimir karam]# /usr/bin/MoBlock-nfq.sh: line 40: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 41: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 42: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 45: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 46: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 47: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 51: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 54: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 57: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 61: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 61: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 61: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 84: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 85: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 88: ./moblock: No such file or directory
/usr/bin/MoBlock-nfq.sh: line 93: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 94: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 95: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 98: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 99: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 101: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 102: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 103: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 104: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 105: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 106: iptables: command not found

Any ideas?

tony5429 · 2008-02-18 01:23:52

Oh; I will install iptables and see if it works then... shouldn't that have been marked as a dependency?

fwojciec · 2008-02-18 01:24:14

tony5429 wrote:

first off, thank you very much - you are being extremely helpful and I greatly appreciate it.

I went ahead and changed my WHITE_TCP_OUT to "http https ftp". Then I re-ran moblock-update and rebooted. Then I did this...

[root@vladimir karam]# /var/run/moblock.pid
bash: /var/run/moblock.pid: No such file or directory
[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                                                                                                                                                                                  [DONE]
[root@vladimir karam]# /usr/bin/MoBlock-nfq.sh: line 40: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 41: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 42: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 45: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 46: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 47: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 51: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 54: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 57: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 61: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 61: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 61: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 84: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 85: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 88: ./moblock: No such file or directory
/usr/bin/MoBlock-nfq.sh: line 93: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 94: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 95: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 98: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 99: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 101: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 102: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 103: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 104: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 105: iptables: command not found
/usr/bin/MoBlock-nfq.sh: line 106: iptables: command not found

Any ideas?

"pacman -Sy iptables" ?

fwojciec · 2008-02-18 01:25:29

tony5429 wrote:

Oh; I will install iptables and see if it works then... shouldn't that have been marked as a dependency?

It should, I'll add it to my version of the PKGBUILD.

tony5429 · 2008-02-18 01:26:29

hrm...now i am getting...

[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                                                                                                                                                                                  [DONE]
[root@vladimir karam]# /usr/bin/MoBlock-nfq.sh: line 88: ./moblock: No such file or directory

fwojciec · 2008-02-18 01:33:36

You must have somehow removed "MoBlock.patch" that comes with the default version of the PKGBUILD from AUR. The patch from my comment is not supposed to replace this patch, it's supposed to be used in addition to it.

tony5429 · 2008-02-18 01:38:18

Hrm...actually I did replace it with yours at first. But then I realised that they were two separate patches and used both before issuing makepkg. It seems I should be able to simply change line 88. I tried changing it to...

moblock -p /etc/moblock/banned.list /etc/moblock/moblock.log

Now my error is different...

[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                      [DONE]
[root@vladimir karam]# * Logging to /etc/moblock/moblock.log
* Ranges loaded: 477842
* Using .p2p file format
* Merged ranges: 462
* Skipped useless ranges: 13387
NFNETLINK answers: Invalid argument

fwojciec · 2008-02-18 01:41:35

That patch replaces line 88 with "/usr/bin/moblock -p /etc/moblock/banned.list /var/log/moblock.log" -- but yours works fine. This is precisely the error you should be getting the first time you run moblock. Now you can stop it, start it again and it should be working fine. It will fail with this error on every first run after system reboot.

EDIT: If you need more info about the bug that's causing this behavior you can have a look here: http://developer.berlios.de/bugs/?func= … up_id=2509

Last edited by fwojciec (2008-02-18 01:42:49)

tony5429 · 2008-02-18 01:43:25

Hrm...I tried that but it doesn't seem to be working...

[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                      [DONE]
[root@vladimir karam]# * Logging to /etc/moblock/moblock.log
* Ranges loaded: 477842
* Using .p2p file format
* Merged ranges: 462
* Skipped useless ranges: 13387
NFNETLINK answers: Invalid argument

[root@vladimir karam]# /etc/rc.d/moblock stop
:: Stoping MoBlock                                                       [BUSY]                                      Usage:
  kill pid ...              Send SIGTERM to every process listed.
  kill signal pid ...       Send a signal to every process listed.
  kill -s signal pid ...    Send a signal to every process listed.
  kill -l                   List all signal names.
  kill -L                   List all signal names in a nice table.
  kill -l signal            Convert between signal numbers and names.
                                                                         [FAIL]
[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                      [DONE]
[root@vladimir karam]# * Logging to /etc/moblock/moblock.log
* Ranges loaded: 477842
* Using .p2p file format
* Merged ranges: 462
* Skipped useless ranges: 13387
NFNETLINK answers: Invalid argument

tony5429 · 2008-02-18 01:48:00

Okay. I opened the moblock patch in kompare and see how MoBlock-nfq.sh should have changed as you mentioned. I am going to try to use the exact line that patch puts in...

tony5429 · 2008-02-18 01:52:19

Hrm...I am still having the same problem even if I stop it and start it again...

[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                                                                                                                                                                                  [DONE]
[root@vladimir karam]# * Logging to /var/log/moblock.log
* Ranges loaded: 477842
* Using .p2p file format
* Merged ranges: 462
* Skipped useless ranges: 13387
NFNETLINK answers: Invalid argument

[root@vladimir karam]# /etc/rc.d/moblock stop
:: Stoping MoBlock                                                                                                                                                                                                                   [BUSY] Usage:
  kill pid ...              Send SIGTERM to every process listed.
  kill signal pid ...       Send a signal to every process listed.
  kill -s signal pid ...    Send a signal to every process listed.
  kill -l                   List all signal names.
  kill -L                   List all signal names in a nice table.
  kill -l signal            Convert between signal numbers and names.
                                                                                                                                                                                                                                     [FAIL]
[root@vladimir karam]# /etc/rc.d/moblock start
:: Starting MoBlock                                                                                                                                                                                                                  [DONE]
[root@vladimir karam]# * Logging to /var/log/moblock.log
* Ranges loaded: 477842
* Using .p2p file format
* Merged ranges: 462
* Skipped useless ranges: 13387
NFNETLINK answers: Invalid argument

Have you tried the moblock-deb toxite was talking about on the AUR moblock package page?

fwojciec · 2008-02-18 01:52:20

I think something must have gone wrong with the way you installed it. I've uploaded a tarball with my moblock build dir and all the necessary files in it: http://www.loka.pl/outgoing/moblock.tar.gz. Try removing moblock completely using pacman -R and then rebuild the package using this tarball. Hopefully that'll get it to work.

EDIT: re moblock-deb -- from what I've read in the comments it doesn't work with the current line of kernels and I have no incentive to try and patch it since moblock is working fine for me.

Last edited by fwojciec (2008-02-18 01:53:58)

tony5429 · 2008-02-18 01:52:59

Alrighty; I'll give it a shot; thanks again!!

tony5429 · 2008-02-18 01:57:47

Okay. I think I may be hereby proving my n00b status. Before when I issued makepkg, I removed the x86_64 tarball which was created from that folder and deleted the rest of the files. Then I logged in as root and used pacman -U to install the tarball. I assumed the makepkg incorporated the patch into the x86_64 tarball. Was I wrong? I am going to try installing yours now, without removing the x86_64 tarball (keeping it in the same directory as all the other files there that you gave me).

fwojciec · 2008-02-18 02:00:54

I accidentally left the package that was built on my computer in the directory -- if you download the file again it shouldn't be there anymore, I've uploaded a new version. You should build it yourself on your computer, since my package is built with compiler flags that are specific to my processor (athlon x2) so it might not work on your computer.

tony5429 · 2008-02-18 02:13:39

It works!!! Thank you very much! I could have never done that on my own. BTW, I run an AMD Athlon 64 X2 6000+. Great cpu, isn't it?

Thanks again!

fwojciec · 2008-02-18 02:19:48

Glad to hear you got it working

tony5429 · 2008-04-11 15:47:09

fwojciec: Any idea when the "NFNETLINK answers: Invalid argument" issue will be resolved? Is it possible to simply write a patch for Moblock to fix the issue, or would that violate some licensing agreement?

fwojciec · 2008-04-11 15:50:31

No idea, sorry. That's something you'd need to take up with the program's author -- he doesn't seem too interested in improving moblock at this stage though...

Arch Linux

#1 2008-02-17 22:46:27

MoBlock for Arch64

#2 2008-02-17 23:00:26

Re: MoBlock for Arch64

#3 2008-02-17 23:24:48

Re: MoBlock for Arch64

#4 2008-02-17 23:28:50

Re: MoBlock for Arch64

#5 2008-02-18 00:12:13

Re: MoBlock for Arch64

#6 2008-02-18 00:48:05

Re: MoBlock for Arch64

#7 2008-02-18 01:22:41

Re: MoBlock for Arch64

#8 2008-02-18 01:23:52

Re: MoBlock for Arch64

#9 2008-02-18 01:24:14

Re: MoBlock for Arch64

#10 2008-02-18 01:25:29

Re: MoBlock for Arch64

#11 2008-02-18 01:26:29

Re: MoBlock for Arch64

#12 2008-02-18 01:33:36

Re: MoBlock for Arch64

#13 2008-02-18 01:38:18

Re: MoBlock for Arch64

#14 2008-02-18 01:41:35

Re: MoBlock for Arch64

#15 2008-02-18 01:43:25

Re: MoBlock for Arch64

#16 2008-02-18 01:48:00

Re: MoBlock for Arch64

#17 2008-02-18 01:52:19

Re: MoBlock for Arch64

#18 2008-02-18 01:52:20

Re: MoBlock for Arch64

#19 2008-02-18 01:52:59

Re: MoBlock for Arch64

#20 2008-02-18 01:57:47

Re: MoBlock for Arch64

#21 2008-02-18 02:00:54

Re: MoBlock for Arch64

#22 2008-02-18 02:13:39

Re: MoBlock for Arch64

#23 2008-02-18 02:19:48

Re: MoBlock for Arch64

#24 2008-04-11 15:47:09

Re: MoBlock for Arch64

#25 2008-04-11 15:50:31

Re: MoBlock for Arch64

Board footer