MoBlock is a IP blocking daemon that uses iptables. MoBlock is also unofficial PeerGuardian Linux client that is very useful in filtering malicous peers on P2P networks.
Open the /etc/moblock/config file with your favourite editor.
I recommend disabling filtering HTTP connections, so find
http https to it. It will looks like: ]
In this file you can also customize what lists MoBlock will use for filtering, but is best to keep the defaults (MoBlock will filter about 99% bad connections, but will not be too paranoid).
If you are behind NAT, add this to config:
That will whitelist everything from 192.168.0.0 to 192.168.0.255.
Now run moblock-update to update the lists.
Note: If you get an error like this when doing a /etc/rc.d/moblock start:
iptables v1.4.8: iprange: Bad value for "--dst-range" option: "10.0.1.0/24"
Try `iptables -h' or 'iptables --help' for more information.
Try using a range instead, so WHITE_IP_IN="10.0.1.0-10.0.1.255"
After configuration just run
# /etc/rc.d/moblock start
This is it! If you decide that moblock must run everytime you boot up, just add word moblock to your DAEMONS array in /etc/rc.conf
If you use MSN for instant messaging, you'll need to add port 1863 to the whitelist:
WHITE_TCP_OUT="http https 1863"