Amule: Difference between revisions

Stability

• Version 2.2.3-0.pm.4 (i586) + limit 30kB up/200kB down is stable

Firewall

• !!! there is 3 ports to open: TCP 4911, UDP 4672, UDP 4914 (=standard TCP+3)
  • With default TCP 4662 (and UDP 4665), eD2k works well, but can't connect to Kad and/or aMule always says Firewalled.
  • → Changed to TCP 4911 / UDP 4914 (TCP+3).
  • Configured ADSL box to forward all ports 4500-4999 (TCP+UDP) to my machine.
• Some reference pages:
  • FAQ eD2k-Kademlia
  • No Kad. (UDP socket dies)

Privacy

There are several solutions for blocking access to "bad" peers (bogus peers, malware distribution, snooping peers from governmental and copyright organizations):

• MoBlock
  See MoBlock on Ubuntu. The peerguardian for linux, but apparently has been merged in peerguardian. The last release dates back in 2006. However moblock-deb seems to be a new version, linked with peerguardian (same maintainer, called jre)
• iplist
  Last release from 2010.
• peerguardian. Version 2 seems available for linux, last release in 2011...
• peerblock, the new version of peerguardian apparently (windows only...).

On the effectiveness of blocking lists:

• http://torrentfreak.com/do-p2p-blocklists-keep-you-safe/

MoBlock

• Homepage: http://moblock.berlios.de/
• To make on openSUSE: http://forums.phoenixlabs.org/showthread.php?t=16461
  • Need package: libnetfilter_queue-0.0.15.tar.bz2, libnfnetlink-0.0.33.tar.bz2.

iplist

• iplist is a list based packet handler which uses the netfilter netlink-queue library (kernel 2.6.14 or later). It filters by IP-address and is optimized for thousands of IP-address ranges. It is an alternative to MoBlock.
• Homepage
• Post on openSUSE: http://forums.opensuse.org/applications/388841-iplist-peerguardian-linux-must-have-p2p.html

Installation

• On Ubuntu:
• There is an apt repository. Add a file iplist.list in directory /etc/apt/sources.list.d):

deb http://ppa.launchpad.net/ssakar/ppa/ubuntu karmic main
deb-src http://ppa.launchpad.net/ssakar/ppa/ubuntu karmic main

• Import the package key and install the package:

sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com C6E3D905C8BCD56BB02E6E0B39456311108B243F
sudo apt-get install iplist

• On other distributions:
• Download required netfilter packages from Netfilter page
• libnfnetlink
• libnetfilter_queue
• Download iplist from IPList page.
• openSUSE prebuilt RPMs (iplist-0.22-0.suse11.i586.rpm)
• Other versions
• First build libnfnetlink:

tar -xvfj libnfnetlink-0.0.39.tar.bz2
cd libnfnetlink-0.0.39
./configure --prefix=/usr              # install libs in /usr/lib instead of /usr/local/lib
make
sudo make install

• Then build libnetfilter_queue:

tar -xvfj libnetfilter_queue-0.0.16.tar.bz2
cd libnetfilter_queue-0.0.16
./configure --prefix=/usr              # install libs in /usr/lib instead of /usr/local/lib
make
sudo make install

• Finally, install iplist, but ignore dependencies:

sudo rpm -ivh --nodeps iplist-0.22-0.suse11.i586.rpm

Configuration

Following the recommendation on this post:

• Copy the default configuration files:

cp /usr/share/doc/iplist/examples/ipblock.lists /etc
cp /usr/share/doc/iplist/examples/ipblock.conf /etc

• Edit the list file, and replace the bluetack.co.uk entries with those from iblocklist, which are updated more often.

vim /etc/ipblock.lists

Usage

• Type sudo DISPLAY=:0.0 /usr/sbin/ipblock -g to start the GUI. At first boot, it will creates the rc.d entry.
• Type sudo /usr/sbin/ipblock -s& to start blocking.
• Configuration file is at /etc/ipblock.conf. All lists URL is at /etc/ipblock.list.

Troubleshoot

• If like me, your dhcp server gives you an address in the range 172.19.xxx.yyy, all internet connections will be blocked by iplist. To prevent this, an easy (but heavy) workaround is simply to remove list bogon.gz.

Netfilter

• Homepage
• Used by other filtering application above (usually libnfnetlink, and libnetfilter_queue)
• ipset is an alternative to iplist but requires more hand works.