committing changes in /etc after emerge run

Package changes:
+net-firewall/pglinux-2.3.0
This commit is contained in:
Hans Wurst 2015-08-15 21:22:26 +02:00
parent 8171dd46ac
commit 8b553adcef
4 changed files with 139 additions and 0 deletions

View File

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->
<!DOCTYPE busconfig PUBLIC
"-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<!-- ../system.conf denies everything so we have to allow some things ourselves.
This file has to be placed in /etc/dbus-1/system.d/ in Ubuntu in order for pgld to be able to connect to the system bus
This is just an example and I imagine not secure at all -->
<busconfig>
<!-- Only root can own the service -->
<policy user="root">
<allow own="org.netfilter.pgl"/>
<!-- <allow send_destination="org.netfilter.pgl"/>
<allow send_interface="org.netfilter.pgl"/> -->
</policy>
<!-- For debugging purposes, will probably disable later-->
<policy at_console="true">
<allow own="org.netfilter.pgl"/>
<allow send_destination="org.netfilter.pgl"/>
<allow send_interface="org.netfilter.pgl"/>
</policy>
</busconfig>

55
init.d/pgl Executable file
View File

@ -0,0 +1,55 @@
#!/sbin/runscript
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
description="Daemon script for pglinux"
extra_commands="reload forcereload update"
depend() {
need net
}
PIDFILE=/var/run/pgld.pid
PGLCMD=/usr/bin/pglcmd
start() {
ebegin "Starting pglinux daemon"
if [ "${RC_CMD}" = "restart" ]; then
sleep 3
fi
$PGLCMD start
eend $?
}
stop() {
ebegin "Stopping pglinux daemon"
$PGLCMD stop_quick
eend $?
}
status() {
ebegin "Checking status of pglinux daemon"
$PGLCMD status
eend $?
}
reload() {
ebegin "reload config"
$PGLCMD reload
eend $?
}
forcereload() {
ebegin "force config reload"
$PGLCMD force-reload
eend $?
}
update() {
ebegin "Force update of lists"
$PGLCMD update
eend $?
}

View File

@ -0,0 +1,50 @@
# blocklists.list - lists the remote blocklists that pglcmd handles.
# Place one URL per line for every blocklist.
# Any line which starts with a # (hash) is a comment and is ignored.
# Have a look at /usr/share/doc/pglcmd/README.blocklists.gz for some hints
# about some available blocklist providers. Neither do we recommend any
# blocklist provider, nor do we even know much about them.
# Instead or additionally to the remote blocklists that are specified here, you
# can put local blocklists in LOCAL_BLOCKLIST_DIR (/etc/pgl/blocklists.local/).
# All blocklists in that directory (except those in subdirectories, or which end
# in "~" or start with ".") are used. They may be in any supported format.
# pglcmd unpacks lists that are compressed with gz, zip or 7z for pgld.
# Do a "pglcmd reload" (or "restart" or "update") when you have edited this
# file.
# The following blocklist setting may be useful or not, good or bad. Most
# probably it is outdated:
http://list.iblocklist.com/lists/bluetack/ads-trackers-and-bad-pr0n
http://list.iblocklist.com/lists/bluetack/bad-peers
# http://list.iblocklist.com/lists/bluetack/bogon
http://list.iblocklist.com/lists/bluetack/dshield
# http://list.iblocklist.com/lists/bluetack/edu
# http://list.iblocklist.com/lists/bluetack/for-non-lan-computers
# http://list.iblocklist.com/lists/bluetack/forum-spam
# http://list.iblocklist.com/lists/bluetack/hijacked
# http://list.iblocklist.com/lists/bluetack/iana-multicast
# http://list.iblocklist.com/lists/bluetack/iana-private
# http://list.iblocklist.com/lists/bluetack/iana-reserved
http://list.iblocklist.com/lists/bluetack/level-1
# http://list.iblocklist.com/lists/bluetack/level-2
# http://list.iblocklist.com/lists/bluetack/level-3
# http://list.iblocklist.com/lists/bluetack/microsoft
http://list.iblocklist.com/lists/bluetack/proxy
http://list.iblocklist.com/lists/bluetack/range-test
# http://list.iblocklist.com/lists/bluetack/spider
http://list.iblocklist.com/lists/bluetack/spyware
# http://list.iblocklist.com/lists/bluetack/web-exploit
# http://list.iblocklist.com/lists/bluetack/webexploit-forumspam
# http://list.iblocklist.com/lists/cidr-report/bogon
# http://list.iblocklist.com/lists/dchubad/faker
# http://list.iblocklist.com/lists/dchubad/hacker
# http://list.iblocklist.com/lists/dchubad/pedophiles
# http://list.iblocklist.com/lists/dchubad/spammer
# http://list.iblocklist.com/lists/peerblock/rapidshare
# http://list.iblocklist.com/lists/spamhaus/drop

9
pgl/allow.p2p Normal file
View File

@ -0,0 +1,9 @@
# allow.p2p - allow list for pglcmd
#
# This file contains IP ranges that shall not be checked.
# They must be in the PeerGuardian .p2p text format like this:
# Some organization:1.0.0.0-1.255.255.255
# This is also true if your blocklists are in another format.
# Lines beginning with a hash (#) are comments and will be ignored.
#
# Do a "pglcmd restart" when you have edited this file.