Log file issue

[budgierless]

hi,

when checking the iptables -L i see this in the output:

LOG all -- anywhere anywhere limit: avg 1/min burst 10 LOG level warning prefix "[Blocked CC]: "

[tlhackque]

It's documented behavior.

BlockCountries help will tell you that:

• -log enables logging.
• -loglimit has a default value of 1/min with a burst of 10.

The configuration exercise that we went through earlier tells you that the level 'warning' is either what you specified, or the netfilter default. And [Blocked CC]: is also a configuration variable that you asked about.

That line is only reached by BlockCountries rules that drop a connection attempt.

Why do you think this is a problem?

[budgierless]

ok, if its not a problem then im fine with it. I do want to change the path tho, if i use: *my $LOG = '/var/log/BlockCountries/BlockCountries.log';* would that work? as im not sure what the \ is for

[tlhackque]

Both questions are addressed in the documentation.

1) Not unless you reconfigure syslog. 2) rotated and archived logfiles - documented AND discussed in the previous 'issue'

Read the documentation. Really.

Release 2.9.1 further clarifies the documentation and attempts to address several of the points of confusion that you had earlier.

With the new release, you never have to edit any variable in the script. All configuration is in the config file. It also includes a fully-commented samplel/starter config file.

[budgierless]

ok, well fine, will leave the log as is, but i do need better understanding with the startup, as i Copy BlockCountries to /etc/init.d/ but the startup as not kicked-in on reboot?

[tlhackque]

What you need to do is, again, documented.

The README Installation section tells you to :

Copy BlockCountries to /etc/init.d (or your distributions startup directory) run chkconfig , systemctl enable, update-rc.d (or equivalent) to include it in the automatic system startup.

As your distribution is debian-based, update-rc.d should do it. And yes, you need to read the man page for update-rc.d

[budgierless]

i get that but how to run chkconfig , systemctl enable, update-rc.d?? example: BlockCountries chkconfig??

update-rc.d i need to find my own way to active it with script??

[tlhackque]

This is well beyond the scope of BlockCountries.

I'm trying to be helpful, but you actually have to read what I write.

man update-rc.d or man systemctl

You only need one of these commands. Which one depends on your system's distribution and/or version. I don't supply them. They are standard system administration tools.

If that doesn't make sense to you, you should get some system-administration help from another source.

[budgierless]

I think i did: sudo update-rc.d BlockCountries defaults

however their was a little error message but still think its ok: update-rc.d: warning: /etc/init.d/BlockCountries missing LSB keyword 'default-start' update-rc.d: warning: /etc/init.d/BlockCountries missing LSB keyword 'default-stop'

[tlhackque]

It helps when you actually describe what's happening.

The LSB block is new -- someone else raised an issue but didn't get back to me. So it hasn't been debugged.

There shouldn't be warnings. This is saying that you want the default settings, but there aren't any.

Try this patch, if it works I'll release it.

--- /etc/init.d/BlockCountries~ 2016-02-05 14:29:46.886335269 -0500
+++ BlockCountries      2016-02-05 16:43:55.979557559 -0500
@@ -11,10 +11,12 @@

 ### BEGIN INIT INFO
 # Provides: BlockCountries
 # Required-Start: $network $local_fs $remote_fs iptables
 # Required-Stop: $network $local_fs $remote_fs iptables
+# Default-Start: $network $local_fs $remote_fs iptables
+# Default-Stop: $network $local_fs $remote_fs iptables
 # Should-Start: $syslog $named ip6tables
 # Should-Stop: $syslog $named ip6tables
 # Short-Description: start and stop BlockCountries
 # Description: Blocks IP traffic from IP addresses assigned to specific countries
 #              using iptables/ip6tables.  Updates/queries database when not run

Also, depending on how your system is setup, 'update-rc.d enable' may work where 'defaults' doesn't. See dependency-based booting.

[budgierless]

I got that message after i added: sudo update-rc.d BlockCountries defaults into the terminal, but as i said its dose work, because i already rebooted the server, and see its working,

Anyway i appliesed and this is the output: ~# sudo update-rc.d BlockCountries defaults update-rc.d: warning: /etc/init.d/BlockCountries missing LSB information update-rc.d: see http://wiki.debian.org/LSBInitScripts System start/stop links for /etc/init.d/BlockCountries already exist.

[tlhackque]

missing LSB means the patch wasn't correctly applied.

V2.10 may do better; it has a different change and works on a debian system here.

You will have to run update-rc.d BlockCountries remove before trying defaults again; update-rc.d doesn't adjust the startup if the file is already registered.

Note that the new bcinstall will check for several of the configuration issues that you encountered.

Glad that things are working.

[budgierless]

this work nicely, thanks for your help.

[budgierless]

also i just run the updated bcinstall and here is the output: ~/BlockCountries# ./bcinstall Perl was found in /usr/bin You need to install the perl module Cwd (minimum version 3.60)

[budgierless]

ok, just to let you now i have installed the Cwd, well well as 5 other perl mods it wanted installed, so now all are installed and working, for this current version of bcinstall. cheers

[tlhackque]

Thanks for the update. Having current versions will avoid some problems later.

I guess automating the version check was a good thing.

I'm glad things are working for you.