Difference between revisions of "IPFilter"

From AMule Project FAQ
Jump to: navigation, search
 
(IP Filter - URLs for Auto-update at startup: http://emulepawcio.sourceforge.net/ipfilter.dat is _not_ updated monthly)
 
(49 intermediate revisions by 25 users not shown)
Line 1: Line 1:
 +
<center>'''English''' | [[IP_Filter-de|Deutsch]]</center>
 +
 
== Description ==
 
== Description ==
 +
The [[IP address|IP]] Filter blocks traffic from/to IPs and ranges of [[IP address|IP]]s with our [[client]]. This means that those [[IP address|IP]]s which get blocked will not be able neither to upload to us nor to download from us.
  
The [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP] Filter blocks traffic from/to IPs and ranges of [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP]s with our [[client]]. This means that those [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP]s which get blocked will not be able neither to upload to us nor to download from us.
+
This filter is read from [[ipfilter.dat_file|''~/.aMule/ipfilter.dat'']] and ~/.aMule/ipfilter_static.dat. The content of these files describes the valid and blocked [[IP address|IP]] ranges.
  
This filter is read from ''~/.aMule/ipfilter.dat'' which is a file which's contents describes the valid and blocked [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP] ranges.
+
== [[ipfilter.dat file]] ==
 +
The information and details about the [[ipfilter.dat file]] can be found [[ipfilter.dat file|here]].
  
== ipfilter.dat format ==
+
== Using the [[IP address|IP]] Filter in [[aMule]] ==
 +
The ''Access level'' of the [[IP address|IP]] filter is selected in [[aMule]] through "Preferences" -> "Security" -> "IP Filtering" -> "Filtering level" (in [[aMule]] versions up to 2.0.0-rc8 it is under "Server", instead of "Security").
  
The format of the ''ipfilter.dat'' file is as follows:
+
'''NOTE:''' [[aMule]]'s ''ipfilter.dat'' file is 100% compatible with [[eMule]]'s.
  
'''[http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP]s range , Access level , Description'''
+
== Using an external [[ipfilter.dat file]] ==
  
''Access level'' values '''lower than 127 are blocked [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP]s''' and values '''over 127 are permitted [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP]s'''.
+
aMule by default uses ~/.aMule/ipfilter.dat for IP filtering. If you enable 'Use system-wide ipfilter.dat if available', it will look for a /usr/share/amule/ipfilter.dat file if loading the local ipfilter.dat fails.  This system-wide ipfilter.dat can then be kept up-to-date by another method <!-- such as.... --> so that aMule doesn't have to download a large file every time it starts.
  
''[http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP]s range'' values are described by an initial [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP] a slash and the ending [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP] of tha range (the slash must be separated from the [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP]s by a single space character).
+
The above paths assume a linux-like system.
  
== Using the [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP] Filter in [[aMule]] ==
+
This option is located through "Preferences" -> "Security" and is disabled by default in the latest stable 2.2.2 build.
  
The ''Access level'' of the [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP] filter is selected in [[aMule]] through Preferences -> Security -> IP Filtering -> Filtering level.
+
== [[IP address|IP]] Filter sources ==
 +
=== IP Filter - URLs for Auto-update at startup ===
 +
Insert the URL under "Preferences" -> "Security" -> "IP filtering" -> "URL:"
  
'''NOTE:''' [[aMule]]'s ''ipfilter.dat'' file is 100% compatible with [[eMule]]'s.
+
* http://emulepawcio.sourceforge.net/ipfilter.dat (on 2011-04-15 this file was from 2010-08-23)
 +
 
 +
These lists do not seem to work:
 +
 
 +
* http://www.bluetack.co.uk/modules.php?name=FAQ&myfaq=yes&id_cat=6&categories=Blacklists+FAQ ([http://www.bluetack.co.uk/modules.php?name=FAQ&myfaq=yes&id_cat=6&categories=Blacklists+FAQ Bluetack's normal ipfilter.dat])
 +
 
 +
* http://www.bluetack.co.uk/modules.php?name=FAQ&myfaq=yes&id_cat=6&categories=Blacklists+FAQ ([http://www.bluetack.co.uk/modules.php?name=FAQ&myfaq=yes&id_cat=6&categories=Blacklists+FAQ Bluetack's paranoid ipfilter.dat])
 +
 
 +
=== IP Filter sites ===
 +
You can insert the lists from these sites either manually or with a script. Or you can use seperate [[IP address|IP]]-blocking software like Protowall from [http://bluetack.co.uk Bluetack], PeerGuardian from [http://phoenixlabs.org Phoenixlabs] or [http://moblock.berlios.de moblock].
 +
 
 +
The [http://test.blocklist.org lists] from [http://phoenixlabs.org Phoenixlabs] (formerly known as Methlabs) are still under development. They use the lists from [http://bluetack.co.uk Bluetack] instead.
 +
 
 +
http://bluetack.co.uk/config/sources.txt (If you follow this link then download the lists as *.gz or *.zip instead of *.txt in order to save Bluetack's bandwith!)
 +
 
 +
http://emulepawcio.sourceforge.net/nieuwe_site/ipfilter_fake_list.html
 +
 
 +
== Hard coded [[IP address|IP]] filter in [[aMule]] ==
 +
[[aMule]] has some ranges of [[IP address|IP]]s which it filters by default following the [http://www.rfc-editor.org/rfc/rfc3330.txt RFC 3330] document. These ranges are:
  
== [http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip.html IP] Filter sources ==
+
        Address Block            Present Use                      Reference
 +
        ----------------------------------------------------------------------
 +
        "0.0.0.0/8",      // "This" Network                [RFC1700, page 4]
 +
        "10.0.0.0/8",      // Private-Use Networks                  [RFC1918]
 +
        "14.0.0.0/8",      // Public-Data Networks        [RFC1700, page 181]
 +
        "24.0.0.0/8",      // Cable Television Networks                    --
 +
        "39.0.0.0/8",      // Reserved but subject
 +
                            //    to allocation                      [RFC1797]
 +
        "127.0.0.0/8",    // Loopback                      [RFC1700, page 5]
 +
        "128.0.0.0/16",    // Reserved but subject
 +
                            //    to allocation                            --
 +
        "169.254.0.0/16",  // Link Local                                  --
 +
        "172.16.0.0/12",  // Private-Use Networks                  [RFC1918]
 +
        "191.255.0.0/16",  // Reserved but subject
 +
                            //    to allocation                            --
 +
        "192.0.0.0/24",    // Reserved but subject
 +
                            //    to allocation                            --
 +
        "192.0.2.0/24",    // Test-Net
 +
        "192.88.99.0/24",  // 6to4 Relay Anycast                    [RFC3068]
 +
        "192.168.0.0/16",  // Private-Use Networks                  [RFC1918]
 +
        "198.18.0.0/15",  // Network Interconnect
 +
                            //    Device Benchmark Testing            [RFC2544]
 +
        "223.255.255.0/24",// Reserved but subject
 +
                            //    to allocation                            --
 +
        "224.0.0.0/4",    // Multicast                              [RFC3171]
 +
        "240.0.0.0/4"      // Reserved for Future Use        [RFC1700, page 4]
  
http://ciberia.ya.com/Mc4TuTi/2/ipfilter.dat<br>
+
However, you can un-filter these ranges of [http://www.faqs.org/rfcs/rfc791.html IP]s by unchecking "Preferences"->"Security"->"IP-filtering"->"Always filter bad IPs" (on [[aMule]] versions up to 2.0.0-rc8, this option can be found in "Preferences"->"Server"->"Always filter bad IPs").
http://ciberia.ya.com/Mc4TuTi/ipfilter.dat
+

Latest revision as of 18:51, 15 April 2011

English | Deutsch

Description

The IP Filter blocks traffic from/to IPs and ranges of IPs with our client. This means that those IPs which get blocked will not be able neither to upload to us nor to download from us.

This filter is read from ~/.aMule/ipfilter.dat and ~/.aMule/ipfilter_static.dat. The content of these files describes the valid and blocked IP ranges.

ipfilter.dat file

The information and details about the ipfilter.dat file can be found here.

Using the IP Filter in aMule

The Access level of the IP filter is selected in aMule through "Preferences" -> "Security" -> "IP Filtering" -> "Filtering level" (in aMule versions up to 2.0.0-rc8 it is under "Server", instead of "Security").

NOTE: aMule's ipfilter.dat file is 100% compatible with eMule's.

Using an external ipfilter.dat file

aMule by default uses ~/.aMule/ipfilter.dat for IP filtering. If you enable 'Use system-wide ipfilter.dat if available', it will look for a /usr/share/amule/ipfilter.dat file if loading the local ipfilter.dat fails. This system-wide ipfilter.dat can then be kept up-to-date by another method so that aMule doesn't have to download a large file every time it starts.

The above paths assume a linux-like system.

This option is located through "Preferences" -> "Security" and is disabled by default in the latest stable 2.2.2 build.

IP Filter sources

IP Filter - URLs for Auto-update at startup

Insert the URL under "Preferences" -> "Security" -> "IP filtering" -> "URL:"

These lists do not seem to work:

IP Filter sites

You can insert the lists from these sites either manually or with a script. Or you can use seperate IP-blocking software like Protowall from Bluetack, PeerGuardian from Phoenixlabs or moblock.

The lists from Phoenixlabs (formerly known as Methlabs) are still under development. They use the lists from Bluetack instead.

http://bluetack.co.uk/config/sources.txt (If you follow this link then download the lists as *.gz or *.zip instead of *.txt in order to save Bluetack's bandwith!)

http://emulepawcio.sourceforge.net/nieuwe_site/ipfilter_fake_list.html

Hard coded IP filter in aMule

aMule has some ranges of IPs which it filters by default following the RFC 3330 document. These ranges are:

        Address Block             Present Use                       Reference
        ----------------------------------------------------------------------
        "0.0.0.0/8",       // "This" Network                 [RFC1700, page 4]
        "10.0.0.0/8",      // Private-Use Networks                   [RFC1918]
        "14.0.0.0/8",      // Public-Data Networks         [RFC1700, page 181]
        "24.0.0.0/8",      // Cable Television Networks                    --
        "39.0.0.0/8",      // Reserved but subject
                           //    to allocation                       [RFC1797]
        "127.0.0.0/8",     // Loopback                       [RFC1700, page 5]
        "128.0.0.0/16",    // Reserved but subject
                           //    to allocation                             --
        "169.254.0.0/16",  // Link Local                                   --
        "172.16.0.0/12",   // Private-Use Networks                   [RFC1918]
        "191.255.0.0/16",  // Reserved but subject
                           //    to allocation                             --
        "192.0.0.0/24",    // Reserved but subject
                           //    to allocation                             --
        "192.0.2.0/24",    // Test-Net
        "192.88.99.0/24",  // 6to4 Relay Anycast                     [RFC3068]
        "192.168.0.0/16",  // Private-Use Networks                   [RFC1918]
        "198.18.0.0/15",   // Network Interconnect
                           //    Device Benchmark Testing            [RFC2544]
        "223.255.255.0/24",// Reserved but subject
                           //    to allocation                             --
        "224.0.0.0/4",     // Multicast                              [RFC3171]
        "240.0.0.0/4"      // Reserved for Future Use        [RFC1700, page 4]

However, you can un-filter these ranges of IPs by unchecking "Preferences"->"Security"->"IP-filtering"->"Always filter bad IPs" (on aMule versions up to 2.0.0-rc8, this option can be found in "Preferences"->"Server"->"Always filter bad IPs").