Firewall Linux

Do You Use Linux? The RIAA and MPAA Don’t Want You To Use This Program

Have you ever used PeerGuardian for Windows? Well good news my friend, there’s a Linux alternative available.

PeerGuardian is a program that blocks companies such as the RIAA and their affiliates (such as Media Defender) from connecting to your computer when you are running P2P software.  This is not foolproof by any means, but certainly a step in the right direction.

When I used Windows, one of the programs I used to protect my online privacy was PeerGuardian. Now that I’m using Ubuntu full-time, I’d like to find an alternative.

A quick google search found that PeerGuardian actually has a Linux client, but the installation is far more difficult than another program I found called MoBlock. Not only does it come pre-setup with most of the Bluetack blocking lists, the same ones that PeerGuardian uses, but it will also utilize the eMule ipfilter.dat file format, if you’re looking for that.

Ok, now I know we’re looking at the rest of this document and saying,

Sh!t Wayne, this looks complicated.

It’s actually really easy if you follow it step by step, and if you have any questions, feel free to comment and I’ll do my best to help you out.

Deep breath, here we go.

First, we edit sources.list to add a repository:

gksu gedit /etc/apt/sources.list

Paste these two lines at the end:

deb feisty main
deb-src feisty main

Save and Close the gedit program, just a few more commands:

gpg --keyserver --recv 9072870B
gpg --export --armor 9072870B | sudo apt-key add -
sudo apt-get update
sudo apt-get install moblock-nfq

Now it’s installed! Congratulations. Now we need to configure the program so that HTTP (website) traffic is unfiltered. This program likes to be as paranoid as possible to start out with, which can be a good thing for some people.

gksu gedit /etc/moblock/moblock.conf

Look for the following section about half-way down:

#WHITE_TCP_OUT="http https"


Remove the hash (#), save and you’re done.

Run this command to test and make sure it’s working properly:


Thanks to mbsjoblom on Digg, I missed a step.

sudo moblock-control reload
sudo moblock-control test

You should get a message something like this:

* MoBlock blocked the IP. Test succeded.


Thanks to “Moblockin” there is a GUI available , which I haven’t tried out, but seems like a more user-friendly than the command line.

Now, you have no more big brother looking after you. MoBlock will automatically do it’s magic behind the scenes with no interaction from you – ever!

88 replies on “Do You Use Linux? The RIAA and MPAA Don’t Want You To Use This Program”

My interest is piqued (edit) by this program, unfortunately there is no information about using it on Gusty. After all only 19 days to go.

Edited by Wayne at 6:33pm on Sun Sept 30
Don’t give him a hard time, my spelling errors are far warse. 😉 -Wayne

I get the following when trying the test:

$ moblock-control test
Testing MoBlock: trying to ping from /etc/moblock/guarding.p2p …
open: Permission denied
* MoBlock did not block the IP. Test failed.

The test actually failed for me in the end, it said failed to block IP. I wonder if it has something to do with this part of the installation:

Setting up moblock-nfq (0.8-21+gutsy) …
Updating blocklists and reloading MoBlock if any blocklist was updated …done.
Empty blocklist!
Starting MoBlock …done.

Empty blocklist doesn’t sound proper at all. Any ideas? Thanks!

I got a MoBlock did not block the IP. Test failed.
error when testing after following all of your commands with everything else successful. Google is not being friendly with the error, also looked through the sourceforge but didn’t see anything, so any help (a link is fine too!) would be most appreciated. OS is Kubuntu 7.04 i386.

Followed your instructions, everything seemed to work. Ran the ‘moblock-control test’ and it failed.

:~$ moblock-control test
Testing MoBlock: trying to ping from /etc/moblock/guarding.p2p …
open: Permission denied
* MoBlock did not block the IP. Test failed.

I noticed this program before. It’s a good idea, but most torrent programs offer an ip filter plugin. Ktorrent does, so does Deluge. But I’m not sure as to whether moblock is better than using the plugin.

i did the test and get this
moblock-control test
Testing MoBlock: trying to ping from /etc/moblock/guarding.p2p …
* MoBlock did not block the IP. Test failed.

anyone else as annoyed by that #$*^ing auto-follow RSS link? Use adblock to kill genkitheme.js and it goes bye-bye.

Seriously, man, it pisses me off. Why the hell do you think someone actually visiting your site would want to use RSS? And why are you so intent on shoving it down my throat?

Does PeerGuardian & co. really help with something? OK, have a list of IP’s known to have been used by some or other RIAA or MPAA or whatever group wanting to sue you for filesharing and block them. So they just take a new IP to find (and sue) 10,000 file-sharers who want the damn cool Bioshock or not so damn cool (because I read 1,234,567 posts the last 2 days about it not being so cool) Halo 23 or whatever.

Using PeerGuardian or similar software you just draws attention to you. Either buy the stuff if you really want it *now* or wait a few month and download it, this way the chances of someone bothering to catch you for sharing it are very low – in some 6 month the new version 66 of Halo will be there, so who gives a shit if you download version 23 then?! 😉

I get this:

username@myhost:/etc/moblock$ moblock-control test
Testing MoBlock: trying to ping from /etc/moblock/guarding.p2p …
open: Permission denied
* MoBlock did not block the IP. Test failed.

So I tried it with a sudo:

username@myhost:/etc/moblock$ sudo moblock-control test
Testing MoBlock: trying to ping from /etc/moblock/guarding.p2p …
* MoBlock did not block the IP. Test failed.

well, i agree with required but not as intensely… the auto-follower is annoying but i’m actually quite intrigued by your site… it’s a minor annoyance but it won’t stop me from reading your articles and coming back…

as for this article– thank you very much– i’m all about this.

Yeah, if someone wants to subscribe to RSS it is available in the firefox url address bar. No need to follow me every time I visit the page. It’s more annoying when someone has already subscribed to it. I think I will remove the subscription…

i agree with Required. the RSS button is annoying as hell. why would u think people will like it ?

anyhow, thanks for the post. most useful.

I tried that (using the debian gutsy main instead, mind) and when I went to open moblock.conf it provided me with a blank document. Any ideas why this might have been the case?

I like your blog, anyhow, it’s the second article I’ve read today, so I’m gonna use that RSS button and subscribe (the auto-follow is clever but a bit annoying though)…

Sorry guys, Required is having his period. He gets especially grumpy when he doesnt have his afternoon nap.

That auto-follow RSS link rocks. Ima learn how its done.

Thank you for the article. I followed your instructions, except I typed “feisty” instead of “gutsy”. When I tried the test command, I received “MoBlock did not block the IP. Test failed”.
I cut and paste the commands from the article into the terminal window to avoid spelling mistakes. I also tried the instructions twice to see if I had missed a step.
If you could help me with what went wrong, I would be grateful.

Thanks for the info about moblock. I just tried to install it, and everything went quite quickly, until the moblock-control test, which gave me a “fail” message. I went back to see if I screwed anything up in the gedit portions, but how could I have? All I needed to do was to add the repositories to sources.list and then to remove the hatch in the specified area in the moblock configuration file, right? What can I do to fix this?

So, what happens if it says that the test failed at the end… What then? And how do you uninstall said software should you receive the error I just mentioned?

Why not disable javascript (uncheck the button, use noscript, etc.) entirely? Don’t run a program unless /you/ want to run a program, rather than relying on what some website creator to do your thinking for you.

Followed the commands perfectly, but when I get to the test it says “MoBlock did not block the IP. Test failed.” What gives? I have a sneaking suspicion that it has something to do with the previous line which mentioned an empty blocklist… guess i’ll poke around and see how to fix that?

Thanks for all of your comments everyone, and a huge thanks to digg readers, I have edited the article with two more steps to get it working.

sudo moblock-control reload
sudo moblock-control test

Ok, the RSS link is going to be fixed position soon – I don’t have time to muck around with it right now – I thought it was pretty cool, and it has worked to gain RSS subscribers, but honestly I’d rather not loose visitors due to the ‘annoying’ nature of it.


Ip lists like PeerGuardian and the like are just foolish. You are just tricking people into a false sense of security. If they were out to get your ip, they would use either proxies or new ip ranges. Most likely they would just rent some server at some random datacenter which has more ip’s available than most small countries. Also it’s really not that hard to spoof an ip.

If you are going to download pirated material, then that is your choice. Trying to cover your tracks is just silly and childish.

Besides that, isn’t the whole idea of using Linux that you are using free, open software? So what are you afraid of?

This time I tried it with just the “sudo moblock-control test” command line and it worked. Before I had pasted both. Yes, I’m new at this!:-D 🙂

Thanks Moblockin, I’ve added your comment to the article.

Good to know it’s working now Russ, I’m in Gutsy Gibbon right now working on my article on how much it costs to give away free software, so I can’t test it myself. Thank you for confirming.

Moblock: un sustituto a PeerGuardian para GNU/Linux…

PeerGuardian es un popular software con licencia libre encargado de filtrar ciertos rangos IPs mediante listas negras que debe su popularidad a que ha sido ampliamente usado para filtrar IPs sospechosas como pueden ser rangos gubernamentales, sociedade…

[…] Do You Use Linux? The RIAA and MPAA Don’t Want You To Use This Program | fsckin w/ linux This entry was written by sparkymat and posted on October 1, 2007 at 9:28 am and filed under links. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL. […]

just curious to the people that were using the CLI, I have two questions; 1) What text editor did you use? 2) when you finished editing the files did you use the chmod command on the files you created so your “regular” user has permissions to those files (use man chmod for more information)?

@ikaruga (cool game btw 🙂
For the same reason people climb mountains I imagine, “because it’s there” and “because they can”

Not to mention the kudos from their peer group. Why else would teenagers wear pants so loose they have to hold them up when they walk?

I followed the instructions exactly, but after I finished, I couldn’t access the internet at all using firefox. I uninstalled it and it started working again. Any ideas what went wrong?

moblock is old technology

use apf to load a static blocklist into iptables and run your blocklist in the kernel

i posted the how to in bloth the moblock (peerguardian) and bluetack forums

stop dancing with the enemy and use an ipfilter OR suffer the fate of torrentspy, isohunt, torrentbox, demonoid, etc etc

[…] Do You Use Linux? The RIAA and MPAA Don’t Want You To Use This Program Number 2 with a bullet, this is a short how-to use a PeerGuardian alternative called MoBlock.  It blocks IP address ranges of not only the RIAA, MPAA and their affiliates, but also government agencies like the CIA.  MoBlock also cuts off all access to your computer IP addresses that send mostly corrupt data in p2p applications- usually associated with companies like Media Defender. […]

MoBlock is a great program. 🙂 I’d just like to quickly comment that the WHITE_TCP_OUT line may need a few more tweaks for some people. For instance, mine looks like this:

WHITE_TCP_OUT=”21 22 80 443 995″

The default of http and https is good for most things, but if you access a gmail account from an email application (Thunderbird for instance), you may need port 995 as well. I added ftp (21) and ssh (22) for good measure.

hi, thank you for the howto, but i have a missed dependency:
libnfnetlink1 isn’t available on my ubuntu gutsy system,any hints?

This is what you get out of gutsy (i386):

sudo apt-cache search libnfnet
libnfnetlink-dev – Development files for libnfnetlink0
libnfnetlink0 – Netfilter netlink library
libnfnetlink0-dbg – Debugging symbols for libnfnetlink0

This the launchpad page:

There is no linfnet1 available. However you could probably put in a symbolic link from 1 -> 0 I doubt the requesting app would notice any difference, since the bulk of the libarary would be unchanged.

hey, thank you 🙂
but where i have to make the link?
i think that should help?:
senseless@senseless-desktop:~$ cat /var/lib/dpkg/info/libnfnetlink0.list

From the looks of your find, I think this should work:

ln -s /usr/lib/ /usr/lib/libnfnet1


ln -s /usr/lib/ /usr/lib/

Depending on what the actuall error you get back is, it will generally tell you the exact name of the libraray it’s looking for.

I wrote about this in my blog too, and some stuff was copied from your site. I hope you don’t mind. I left credits at the bottom. Just wanted to shed some sunlight on moblock. I’m loving it. Thanks for the help with configuring it btw. 🙂

I followed the steps listed but for some reason the install doesn’t work, when I put in the command:

sudo apt-get install moblock-nfq

I get this back:

The following packages have unmet dependencies:
moblock-nfq: Depends: libnfnetlink1 (>= 0.0.16) but it is not installable
E: Broken packages

any suggestions?

@n0xie ip Spoofing is only good for outdated smurf attacks. Sessions cannot be finished with a spoofed ip, atleast not for the one doing the spoofing. Learn a bit of security before spewing false infol

installed per your instruction on Intrepid. test passed. my question is… does this need to be started in terminal every time i boot, or does it run in the background automatically from now on?

Verily, the blessings of His Noodliness shall devolve upon thee and thy progeny whom thou schoolest within the ways of the Sauce. For thou shalt righteously provide wisdom to the mind, and carbohydrates towards the body, by following the path of the Spaghedeity, and thy children shall learn the joys of fettucini and tiramisu, and shall rise up and call thee Blessed.. . RAmen!

Leave a Reply

Your email address will not be published. Required fields are marked *