# PeerGuardian Linux?

## Attitude

I am looking for a way to get PeerGuardian-type functionality in Linux. For those of you who might not know, PeerGuardian is a P2P firewall to protect those on P2P networks from the RIAA and the like. The other thing it does is block ads from places like DoubleClick. Do I need to use hosts.deny or is there an app?

----------

## Evil Dark Archon

iptables should be able to do it. You will have to input the rules manually, but it will work exactly the same way as PeerGuardian, which is essentially a firewall program itself, a very basic one whose only function is to block certain IP ranges from connecting to your system.

----------

## Xaignar

I use a couple of scripts to emulate PeerGuardian:

I have this one in /etc/cron.daily/badip in order to get the latest evil IPs:

```
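#! /bin/sh

# Blocklist source, fetched over plain HTTP.
URL="http://methlabs.org/guarding.p2p"
WGET="/usr/bin/wget"
BADIP="/usr/bin/badip.py"

# Download the list, convert the ranges to CIDR and keep only lines that
# start with a digit (this drops the "ERROR!!!" lines badip.py can print).
LIST="$(${WGET} "${URL}" -O - | ${BADIP} | grep "^[0-9]" | sort -n)"

if [ -n "${LIST}" ]
then
        echo "${LIST}" > /etc/firewall/blacklist
else
        echo "$(date): WARNING! UPDATING OF BLACKLIST FAILED!" >> /root/WARNING.TXT
fi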
```

The script I use to clean the list (/usr/bin/badip.py) is this:

```
#!/usr/bin/python3

import re
import sys


def roundup(x):
    # x is the XOR of the first and last octet of a range. Figure out its
    # most significant bit, then return the netmask octet that covers it.
    if x == 0:
        return 255
    elif x < 2:
        return 254
    elif x < 4:
        return 252
    elif x < 8:
        return 248
    elif x < 16:
        return 240
    elif x < 32:
        return 224
    elif x < 64:
        return 192
    elif x < 128:
        return 128
    elif x < 256:
        return 0
    else:
        return 0


def parse(h4, h3, h2, h1, l4, l3, l2, l1):
    subnet4 = roundup(h4 ^ l4)
    subnet3 = roundup(h3 ^ l3)
    subnet2 = roundup(h2 ^ l2)
    subnet1 = roundup(h1 ^ l1)

    # Figure out which set of numbers changes, then set the lower numbers from it to 0.
    if subnet4 < 255:
        subnet3 = 0
        subnet2 = 0
        subnet1 = 0
    elif subnet3 < 255:
        subnet2 = 0
        subnet1 = 0
    elif subnet2 < 255:
        subnet1 = 0

    mask = str(subnet4) + "." + str(subnet3) + "." + str(subnet2) + "." + str(subnet1)
    zz = str(h4) + "." + str(h3) + "." + str(h2) + "." + str(h1)

    # Masks not listed here (for example /30 to /32 and /9 to /15) produce
    # "ERROR!!!", which the cron script's grep "^[0-9]" filters out.
    if mask == "255.255.255.248":
        zz = zz + "/29"
    elif mask == "255.255.255.240":
        zz = zz + "/28"
    elif mask == "255.255.255.224":
        zz = zz + "/27"
    elif mask == "255.255.255.192":
        zz = zz + "/26"
    elif mask == "255.255.255.128":
        zz = zz + "/25"
    elif mask == "255.255.255.0":
        zz = zz + "/24"
    elif mask == "255.255.254.0":
        zz = zz + "/23"
    elif mask == "255.255.252.0":
        zz = zz + "/22"
    elif mask == "255.255.248.0":
        zz = zz + "/21"
    elif mask == "255.255.240.0":
        zz = zz + "/20"
    elif mask == "255.255.224.0":
        zz = zz + "/19"
    elif mask == "255.255.192.0":
        zz = zz + "/18"
    elif mask == "255.255.128.0":
        zz = zz + "/17"
    elif mask == "255.255.0.0":
        zz = zz + "/16"
    elif mask == "255.0.0.0":
        zz = zz + "/8"
    else:
        zz = "ERROR!!!"

    return zz


f = sys.stdin
line = f.readline()
reg = re.compile(r"[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}")

while line:
    # Skip lines that contain no dotted-quad address (comments, blanks).
    if reg.search(line) is None:
        line = f.readline()
        continue

    ip_range = ""
    name = ""
    count = 0

    while line[-1:] == " ":
        line = line[:-1]

    # Everything before the first ':' is the name ...
    while line[0] != ":":
        name = name + line[0]
        line = line[1:]

    # ... and everything after the last ':' is the address range.
    while line[-1] != ":":
        ip_range = line[-1] + ip_range
        line = line[:-1]

    if ip_range.find("-") < 0:
        result = ip_range
    else:
        # Split "a.b.c.d-e.f.g.h" into its eight octets.
        x = 0
        val = ['']
        while ip_range != "\n" and ip_range != "":
            if ip_range[0] == "." or ip_range[0] == "-":
                x = x + 1
                val[x:x] = ['']
            else:
                val[x] = val[x] + ip_range[0]
            ip_range = ip_range[1:]

        result = parse(int(val[0]), int(val[1]), int(val[2]), int(val[3]),
                       int(val[4]), int(val[5]), int(val[6]), int(val[7]))

    print(result.replace("\n", ""))
    line = f.readline()
```

And then I have this as a part of my firewall script:

```
  /sbin/iptables -N blacklist_in
  /sbin/iptables -N blacklist_out

  # One rule pair per blacklist entry: drop inbound, reject outbound.
  while read -r ip
  do
    /sbin/iptables -A blacklist_in  -s "${ip}" -j DROP
    /sbin/iptables -A blacklist_out -d "${ip}" -j REJECT
  done < /etc/firewall/blacklist

  /sbin/iptables -A INPUT -j blacklist_in
  /sbin/iptables -A OUTPUT -j blacklist_out
```

Cheers =)
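
An added example (not part of the post above or of PeerGuardian): a Python 3 filter that turns `name:start-end` lines into exact CIDR blocks with the standard `ipaddress` module, so ranges that do not fall on a mask boundary are neither widened nor dropped, and anything that does not parse as an IPv4 address is discarded before it can reach an iptables command line. The sample lines and the function names are constructed for illustration.

```python
#!/usr/bin/env python3
"""Convert "name:start-end" blocklist lines to exact, validated CIDR blocks."""
import ipaddress
import sys

# Constructed sample input (documentation address ranges, made-up names).
SAMPLE = """\
# constructed sample list
Example Org A:192.0.2.4-192.0.2.9
Example Org B:198.51.100.7-198.51.100.7
Example: Org C:203.0.113.0-203.0.113.255
Out of range:203.0.113.300-203.0.113.301
Malformed:not-an-address
"""

def parse_line(line):
    """Return (start, end) as IPv4Address objects, or None if the line is unusable."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    # The name may contain ':' itself, so split on the last one.
    _, sep, span = line.rpartition(":")
    if not sep:
        return None
    first, dash, last = span.partition("-")
    try:
        start = ipaddress.IPv4Address(first.strip())
        end = ipaddress.IPv4Address(last.strip()) if dash else start
    except ipaddress.AddressValueError:
        return None
    return (start, end) if start <= end else None

def to_cidrs(lines):
    """Return sorted, merged CIDR strings covering exactly the listed ranges."""
    nets = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is not None:
            nets.extend(ipaddress.summarize_address_range(*parsed))
    return [str(net) for net in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    # Reads the list on stdin, like badip.py; with no pipe it uses SAMPLE.
    source = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    print("\n".join(to_cidrs(source)))
```

Its output has one CIDR block per line, the same format the firewall script reads from /etc/firewall/blacklist.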

----------

## Leprechaun

In the PeerGuardian forum, search for Linux. There's a script in there called "peerguard.pl" (a Perl script) that will update your iptables rules to include everything in the PeerGuardian database. Quite a nice thing to have around. Slap that in your crontab, you're good to go. :)

----------

## ixtow

I'm having trouble getting my hands on this peerguard.pl file.  Anyone got it?

----------

## zerojay

You, of course, realize that PeerGuardian is nothing more than a false sense of security, right? Regardless of if they are able to connect to you or not, they can still see if and what you are sharing, especially if you're using BitTorrent where IP addresses of those seeding/downloading are completely out in the open.

If you want to keep yourself safe from the RIAA and friends, the only protection is to not run afoul of them to begin with.

----------

## Jerri

*Quote:*

> If you want to keep yourself safe from the RIAA and friends, the only protection is to not run afoul of them to begin with.


Or... you can simply hijack someone else's bandwidth.  

Just a suggestion.

----------

