# peer guardian on linux

## invalid account

Hello,

Does anyone know of an application like peer guardian for linux?

Thanks

Neil

----------

## ikaro

just get the peerguardian.p2p.zip and unzip it inside your mldonkey dir 

/home/p2p/.mldonkey

or else you can use this:

```

Type "cut -f2 -d":" guarding.p2p"

```

then

```

#!/usr/bin/python

from sys import stdin

from math import frexp

from operator import xor, getitem

from string import split

def compose(*funs):

   if len(funs)==0: return lambda x: x

   elif len(funs)==1: return funs[0]

   else: return lambda *args: funs[0](compose(*funs[1:])(*args))

partial  = lambda fun, *l_args: lambda *r_args: fun(*(l_args+r_args))

rpartial = lambda fun, *r_args: lambda *l_args: fun(*(l_args+r_args))

log2 = compose(rpartial(getitem, 1), frexp)

ip4_to_quad = compose(partial(map, int), rpartial(split, '.'))

def range_to_cidr(lower_ip, upper_ip):

   try:

      lower, upper = map(ip4_to_quad, (lower_ip, upper_ip))

      bits = 32 - sum(map(compose(log2, xor), lower, upper))

      return "%s/%d" % (lower_ip, bits)

   except ValueError, TypeError:

      return ""

def range_list_to_cidr_list(list):

   for range in list:

      yield range_to_cidr(*range.split()[0].split('-'))

for x in range_list_to_cidr_list(stdin.readlines()):

   print x

```

```

cat guarding.p2p|./guard.py >> /etc/shorewall/blacklist

```

#shorewall restart

But the first solution is better, simply drop the peerguardian.p2p file inside the mldonkey dir and it works.

If you dont use mldonkey you can try the second method with the blacklist in your firewall ( gets huge ) but works too.

----------

## invalid account

Thank you ikaro,

Can I just check that I have the right file please.

I have downloaded guarding_all.p2p.zip from http://methlabs.org/sync/

I have unzipped this file and it contains:

Vienna.University.Computer.Center.UNIVIE.BMG.FANOUT.AT:193.170.150.0-193.170.150.255

FR.RAEI.MINISTERE.DE.LA.CULTURE.1.CLB2:194.250.63.136-194.250.63.139

FR.RAEI.MINISTERE.DE.LA.CULTURE.2.CLB2:194.250.63.132-194.250.63.135

Ministere.de.la.culture.de.la.communication.FR:143.126.0.0-143.126.255.255

Ministere.de.la.Culture.et.de.la.Communication.MA:62.251.205.128-62.251.205.159

Ministere.de.la.Culture.et.des.Affaires.Sociales.de.la.Communaute.Francaise:193.53.34.0-193.53.34.255

Cambridge Entrepreneurial Network:199.232.0.0-199.232.255.255

baden.wuerttemberg.de.Regionales.RZ.Freiburg.Suedlicher.Oberrhein.GmbH.Ger:194.76.38.0-194.76.39.255

....

etc

Is this the correct file to save in /home/p2p/.mldonkey?

Is there also a way to check that this has worked. I just want to be sure I have this right.

Thanks

Neil

----------

## ikaro

yes thats the correct file.

plus i have the following in my crontab :

```

5 18 * * * /home/ikaro/.run/newp2p.sh

5 0 * * * /home/ikaro/.run/newp2p.sh

```

this runs everyday at 18:05pm and at 00:05am

newp2p.sh

```

#!/bin/bash

wget http://methlabs.org/sync/guarding.p2p.zip

    unzip guarding.p2p.zip;

        sudo mv guarding.p2p /home/p2p/.mldonkey;

            sudo chown p2p:users /home/p2p/.mldonkey/guarding.p2p;

    rm guarding.p2p.zip;

exit

```

this downloads a new file, unzips, moves to the right dir and cleans up.

Then you can access http://localhost:4080 and in Options -> ip blocking you can see who is hitting your ip .

shows something like this:

```

IBM Corporation IBM (NET-9-0-0-0-1,IBM  PGIPDB (2 hits): 9.0.0.0 - 9.255.255.255

HP  PGIPDB  and  Digital Equipment Corporation DEC-INTERNET (NET-16-0-0-0-1) (4 hits): 15.0.0.0 - 16.255.255.255

Iowa State University Palisade Systems connection (2 hits): 64.113.64.0 - 64.113.95.255

ClaraNet TEST Range (94 hits): 80.168.164.0 - 80.168.165.255

TIWUS  PGIPDB (4 hits): 81.72.71.0 - 81.72.71.255

Foundation of research+Technology Hellas + IBM Netherl+s N.V.  PGIPDB (24 hits): 139.91.0.0 - 139.91.255.255

Sun Microsystems, Inc  PGIPDB (2 hits): 192.9.0.0 - 192.9.199.255

I.NET SpA (used by Ita gov. agencies) (34 hits): 193.204.0.0 - 193.206.255.255

NSS S.A. Argentina  PGIPDB (44 hits): 200.68.112.0 - 200.68.127.255

SONY CORPORATION OF HONG KONG LIMITED 43/Lf., The Lee Gardens, 33 Hysan Avenue, Causeway Bay, HongKong Hong Kong (8 hits): 203.176.192.0 - 203.176.255.255

SONY corp  PGIPDB (2 hits): 219.101.32.0 - 219.101.47.255

6809 ranges

done

```

scary stuff ... the other day I even saw ips from "Office of the President of the USA" .. wonder what bush wants from my box .. prolly my large collection of pr0mo 

 :Laughing: 

----------

## invalid account

Great Thanks,

Hopefully that will stop any more of those nice letters   :Smile: 

----------

## ikaro

oh yeh .. i also got one of those once    :Rolling Eyes: 

----------

## invalid account

Glad I tested it. I needed to update mldonkey to get the latest version with ip blocking.

----------

## AhronZombi

does this only block when ips are trying to access donkey or does it act as a firewall. i dont use mldonkey much but i use bittorrent

----------

## ikaro

it block them from connecting to you on the ports where the p2p is running.

however if you the ip ranges in a firewall rule, then it will drop them.

----------

## AhronZombi

 *ikaro wrote:*   

> it block them from connecting to you on the ports where the p2p is running.
> 
> however if you the ip ranges in a firewall rule, then it will drop them.

 if i what?

----------

## ikaro

it blocks them from connecting to you, on the ports where the p2p is running, if you use it in combination wint mldonkey.

however if you put the ip ranges in a firewall rule, then it will drop them.

----------

## Salna

Check its use iptables to block adreses from peerguardian lists.

http://dessent.net/linblock/

----------

## zerojay

PeerGuardian is more or less worthless. They already know you are sharing files without needing to connect to you to see it. All it gives you is a false sense of security.

----------

## AhronZombi

 *DarkStalker wrote:*   

> PeerGuardian is more or less worthless. They already know you are sharing files without needing to connect to you to see it. All it gives you is a false sense of security.

 thats what americans like

----------

## AhronZombi

 *Salna wrote:*   

> Check its use iptables to block adreses from peerguardian lists.
> 
> http://dessent.net/linblock/

 i like this so far but i bet it will still take forever to save and reload iptables when a ireboot. know anyway to avoid that?

----------

