2010年1月1日 星期五

安裝 PeerGuardian For Linux

a. 說明:

   PeerGuardian 是一套用來輔助防火牆的程式,裝在動物機上可以用來阻擋惡意 IP 的連線請求,透過黑名單機制也可以用來阻擋某些單位對於 P2P 程式的監控。
   
※一年多前的筆記,忘記參考資料來自哪個網站了....QQ

b.實作環境 :

   OS : Ubuntu 7.04
   CPU : Intel Celeron CPU 2.40GHz
   RAM : 3G

c.載點 : http://sourceforge.net/project/showfiles.php?group_id=131687&package_id=148849

d.安裝:

   $ sudo dpkg -i peerguardnf-1.5beta.i386.deb

e.建立設定檔目錄 :

   $ sudo mkdir /etc/peerguardian

f.建立啟動 Script :


   $sudo touch /usr/local/bin/peerguardian.sh
   $sudo chmod 750 /usr/local/bin/peerguardian.sh

g.peerguardian.sh 內容
=======================================
# version for bluetack.co.uk lists!
#!/bin/sh
# Update new blocklists and start/stop/restart PeerGuardian
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# testdescription
#
#CONFIGURATION
# Make sure PG_ETC points to the directory where
# you want to put your downloaded blocklists.
PG_ETC=/etc/peerguardian/
# Remove the lists you don't want to download and
# use from BLOCKLISTS.
BLOCKLISTS="level1"
PG_CONF=/etc/PG.conf
PG_LOG=/var/log/PG.log
PG_LIST=/etc/p2p.p2b.p2p
#The URL where the blocklists reside
URL=http://www.bluetack.co.uk/config
#The format of the lists to download
SUFFIX=gz
#The format after unpacking
SUFFIX2=txt

endscript () {
date +"------------ "%F" "%X" "%Z" End PeerGuardian Script"
exit $1
}
date +"------------ "%F" "%X" "%Z" Begin PeerGuardian $1"


case "$1" in
'start')
    cd "$PG_ETC"
    # check if blockfiles were updated:
    UPDATED=""
    for i in $BLOCKLISTS ; do
    TIMESTAMP=0
    if [ -e $i.$SUFFIX ] ; then
    TIMESTAMP=`stat --format=%y $i.$SUFFIX`
    echo "File $i.$SUFFIX last updated $TIMESTAMP"
    TIMESTAMP=`stat --format=%Y $i.$SUFFIX`
    fi
    wget -N $URL/$i.$SUFFIX
    if [ `stat --format=%Y $i.$SUFFIX` -gt $TIMESTAMP ] ; then
    UPDATED=$i
    fi
    done
  
    # if none of the blockfiles were updated:
    if [ -z $UPDATED ] ; then
    echo "No blocklists needed updating."
    echo "Starting PeerGuardian"
    mv $PG_LOG $PG_LOG.backup
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    fi
  
    # if any blockfiles were updated:
    for i in $BLOCKLISTS ; do
    gunzip -c $i.$SUFFIX > $i.$SUFFIX2
    BLOCKLISTSCAT="$BLOCKLISTSCAT $i.$SUFFIX2"
    done
    cat $BLOCKLISTSCAT | peerguardnf -f merged.p2b.p2p
    for i in $BLOCKLISTS ; do
    rm $i.$SUFFIX2
    done
    # uncomment below to unblock Yahoo! Mail and whatever
    # else needs unblocking here. Do this also in the
    # restart section.
    grep -v -i "yahoo\!" merged.p2b.p2p | grep -v -i "Microsoft" | grep -v "Google" > merged.p2b.p2p.tmp
    mv merged.p2b.p2p.tmp merged.p2b.p2p
    mv $PG_LIST $PG_LIST.backup
    mv merged.p2b.p2p $PG_LIST
    mv $PG_LOG $PG_LOG.backup
    echo "Starting PeerGuardian"
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    ;;

'stop')
    echo "Stopping PeerGuardian"
    killall peerguardnf > /dev/null 2>&1
    endscript 0
    ;;

'restart')
    cd "$PG_ETC"
    # check if blockfiles were updated:
    UPDATED=""
    for i in $BLOCKLISTS ; do
    TIMESTAMP=0
    if [ -e $i.$SUFFIX ] ; then
    TIMESTAMP=`stat --format=%y $i.$SUFFIX`
    echo "File $i.$SUFFIX last updated $TIMESTAMP"
    TIMESTAMP=`stat --format=%Y $i.$SUFFIX`
    fi
    wget -N $URL/$i.$SUFFIX
    if [ `stat --format=%Y $i.$SUFFIX` -gt $TIMESTAMP ] ; then
    UPDATED=$i
    fi
    done
  
    # if none of the blockfiles were updated:
    if [ -z $UPDATED ] ; then
    echo "No blocklists needed updating."
    echo "Stopping PeerGuardian"
    killall peerguardnf > /dev/null 2>&1
    mv $PG_LOG $PG_LOG.backup
    sleep 4
    echo "Starting PeerGuardian"
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    fi
  
    # if any blockfiles were updated:
    for i in $BLOCKLISTS ; do
    gunzip -c $i.$SUFFIX > $i.$SUFFIX2
    BLOCKLISTSCAT="$BLOCKLISTSCAT $i.$SUFFIX2"
    done
    cat $BLOCKLISTSCAT | peerguardnf -f merged.p2b.p2p
    for i in $BLOCKLISTS ; do
    rm $i.$SUFFIX2
    done
    # uncomment below to unblock Yahoo! Mail and whatever
    # else needs unblocking here. Do this also in the
    # restart section.
    grep -v -i "yahoo\!" merged.p2b.p2p | grep -v -i "Microsoft" | grep -v "Google" > merged.p2b.p2p.tmp
    mv merged.p2b.p2p.tmp merged.p2b.p2p
    echo "Stopping PeerGuardian"
    killall peerguardnf > /dev/null 2>&1
    mv $PG_LIST $PG_LIST.backup
    mv merged.p2b.p2p $PG_LIST
    mv $PG_LOG $PG_LOG.backup
    sleep 4
    echo "Starting PeerGuardian"
    peerguardnf -h -m -d -c "$PG_CONF" -l "$PG_LOG"
    endscript 0
    ;;

*)
    echo "Usage: $0 { start | stop | restart }"
    ;;
esac
exit 0
========================

h.啟動 :  $ sudo peerguardian.sh start
  重新啟動 : $ sudo peerguardian.sh restart
  停止 : $ sudo peerguardian.sh stop

i . 服務啟動層級設定

    當系統進入Runlevel 2、3、4、5 啟動 peerguardian

    $ ln -s /usr/local/bin/peerguardian.sh /etc/init.d/peerguardian.sh
    $ ln -s /etc/init.d/peerguardian.sh /etc/rc0.d/K20peerguardian.sh
    $ ln -s /etc/init.d/peerguardian.sh /etc/rc2.d/S95peerguardian.sh
    $ ln -s /etc/init.d/peerguardian.sh /etc/rc3.d/S95peerguardian.sh
    $ ln -s /etc/init.d/peerguardian.sh /etc/rc4.d/S95peerguardian.sh
    $ ln -s /etc/init.d/peerguardian.sh /etc/rc5.d/S95peerguardian.sh
    $ ln -s /etc/init.d/peerguardian.sh /etc/rc6.d/K20peerguardian.sh
===================================

j.建立自動更新機制


   $ touch /etc/cron.daily/pg.sh
   $ sudo chmod 750 /etc/cron.daily/pg.sh

k. pg.sh 的內容如下:
==========================
#!/bin/sh

/usr/local/bin/peerguardian.sh restart
================================


l.PeerGuardian的Log 檔位置在 :  /var/log/PG.log

01.1.1.監控.網路.iftop

01.1.1.監控.網路.iftop

        iftop是一套用來即時監控網路介面頻寬使用狀態的網路監控工具。

01.1.1.1.安裝

     實作環境
         a.OS : CentOS 5.4 @ VitrualBox 3.1.2r56127
         b.硬體 :
             1.CPU : Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz
             2.RAM : 1G

     a.iftop官方網站 : http://www.ex-parrot.com/~pdw/iftop/

     b.安裝需求 : 依官方網站的說明,安裝此套件系統需已安裝下列兩函式,







  • libcurses
    libpcap







     c.下載套件 :

    


 






Powered By Blogger