Blocklist-Update.sh is a script that I wrote to manage blocklists from Bluetack etc. to be used in conjunction with the Transmission torrent downloader on Linux/macOS. The script can be tailored to work with qBittorrent as well, but the placement of the blocklists means you'd have to redirect the blocklist to go somewhere locally manageable, as Transmission uses its own blocklist directory in .config. I believe there are about 10 lists there now. It works well for my needs. It can be run weekly using crontab in a standard user profile.
To download: blocklist-update.sh
To download the others: GitHub

The Linux firewall is managed by a service called Iptables. Iptables
is a net-filter built into the Linux or Unix kernel. It is used even
when third-party applications are called. Iptables was initially
released in 1998, but has since been rewritten in favor of a new
utility to be written into the kernel. People still use Iptables;
most companies use it over third-party applications because they
don’t want a middleman between them and the computer’s settings.
Using Iptables is also more powerful than using third-party
applications, because you’re interacting directly with the kernel.
Some third-party applications that I frequently use include UFW, for
working with the firewall from the command line, and GUFW, a GUI for
the same command-line firewall. Fedora and Red Hat have their own
firewall service, the firewall daemon. The Linux firewall is more
robust than the Windows firewall in that it doesn’t try to
discriminate traffic. It tells the user, in the form of logs, who is
talking to each port.

The Linux firewall is easy to set up on most Debian and Arch-based
systems. To check the status of the current configuration, type
sudo ufw status verbose. This will list any services you have rules
set for and will tell you whether or not the firewall is active. If
the firewall is not active on startup, it’s possible that the service
was not started in your init system. Most systems now use Systemd as
their init system, so we will use that here. To enable the firewall
in this case, use the command
sudo systemctl enable ufw && sudo systemctl start ufw.
This will initialize the firewall service in Systemd after giving
Systemd control of it. To disable it, you would simply use
sudo systemctl stop ufw && sudo systemctl disable ufw.

Assuming that you’ve started your firewall in the init system on
your computer, it’s a good idea to also issue the enable command to
the program itself: sudo ufw enable. This command will enable the
firewall on your current active session. Once that is done, most
users won’t need any further tampering with or configuration of their
firewall. However, if you wish to tinker, or if you use certain
services that the firewall doesn’t already have a preset for, it
might be a good idea to allow that service through. It also might be
a good idea to set some deny rules for services you don’t use, such
as SSH and TELNET. These two services are fun to use; they allow a
user to communicate with their computer remotely, but they are often
seen as a potential attack vector as well. Denying a service is
straightforward. All you have to do is type sudo ufw deny followed by
the service name. For example, we’ll use SSH. Type sudo ufw deny ssh.
That’s it, you’re done. But I should warn you, if you use SSH, it’s a
bad idea to do this. Also, if you torrent a lot, it might be wise to
set up port forwarding. Port forwarding is done by allowing a service
through a specific port with a specific protocol and then setting
that application or service to use that same port. For example,
sudo ufw allow transmission-gtk. This tells UFW to allow all incoming
traffic through the port that Transmission (a BitTorrent client)
uses. It would then be a good idea to type sudo ufw reload to reload
the firewall so that it accepts the new settings.
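
The result of the steps above can be checked from the text that sudo ufw status verbose prints. The following is an added example, not one of the author's scripts: a POSIX shell audit that reports whether the firewall is active and whether SSH and Telnet are blocked, either by an explicit rule or by the default incoming policy. The function names, the sample text and its 51413/tcp rule are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the text printed by `sudo ufw status verbose`.
# Function names and SAMPLE are constructed for illustration.

# Print the default incoming policy (allow, deny or reject) read from stdin.
ufw_default_incoming() {
    sed -n 's/^Default: \([a-z]*\) (incoming).*/\1/p'
}

# Print the action (DENY, REJECT, ALLOW, LIMIT) of the first IPv4 rule for
# PORT or PORT/tcp. Rules listed by application-profile name are not covered.
ufw_port_action() {
    awk -v p="$1" '($1 == p || $1 == p "/tcp") && !/\(v6\)/ { print $2; exit }'
}

# Print "blocked" or "open" for port $2 given status text $1. With no
# explicit rule, the default incoming policy decides.
ufw_port_state() {
    action=$(printf '%s\n' "$1" | ufw_port_action "$2")
    [ -n "$action" ] || action=$(printf '%s\n' "$1" | ufw_default_incoming)
    case $action in
        DENY|REJECT|deny|reject) echo blocked ;;
        *) echo open ;;
    esac
}

# Return 0 only if ufw is active and both ssh (22) and telnet (23) are blocked.
ufw_audit() {
    rc=0
    if ! printf '%s\n' "$1" | grep -q '^Status: active'; then
        echo "FAIL: firewall inactive, run: sudo ufw enable"; return 1
    fi
    for svc in ssh:22 telnet:23; do
        state=$(ufw_port_state "$1" "${svc#*:}")
        echo "${svc%:*} (${svc#*:}/tcp): $state"
        [ "$state" = blocked ] || rc=1
    done
    return $rc
}

# Constructed sample of the status text after `sudo ufw deny ssh`.
SAMPLE='Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)

To                         Action      From
22/tcp                     DENY IN     Anywhere
51413/tcp                  ALLOW IN    Anywhere
22/tcp (v6)                DENY IN     Anywhere (v6)'

ufw_audit "$SAMPLE" || echo "audit found problems"
```

On a live system, pass the real text instead of the sample: ufw_audit "$(sudo ufw status verbose)".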

My bash scripts on GitHub also have the ability to enable the
firewall and set SSH and Telnet to deny for you, should you wish.