Package Details: pgl-cli 2.3.1-1

Git Clone URL: https://aur.archlinux.org/pgl-cli.git (read-only, click to copy)
Package Base: pgl-cli
Description: A privacy oriented firewall application (Daemon & CLI).
Upstream URL: http://sourceforge.net/projects/peerguardian/
Licenses: GPL3
Conflicts: pgl, pgl-git
Provides: pgl
Submitter: Gilrain
Maintainer: Gilrain
Last Packager: Gilrain
Votes: 26
Popularity: 0.000000
First Submitted: 2011-08-25 13:04
Last Updated: 2016-01-14 14:34

Required by (0)

Sources (1)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 Next › Last »

willemw commented on 2014-05-25 12:54

https://aur.archlinux.org/packages/flexget/ comment mentions a similar error.

graysky commented on 2014-05-25 11:09

Anyone else getting this warning?

% sudo pglcmd update
Updating blocklists and reloading PeerGuardian Linux: pgld/usr/lib/python2.7/site-packages/twisted/internet/_sslverify.py:184: UserWarning: You do not have the service_identity module installed. Please install it from <https://pypi.python.org/pypi/service_identity>. Without the service_identity module and a recent enough pyOpenSSL tosupport it, Twisted can perform only rudimentary TLS client hostnameverification. Many valid certificate/hostname mappings may be rejected.
verifyHostname, VerificationError = _selectVerifyImplementation()

Gilrain commented on 2014-04-24 08:41

@vee.aur: your suggestion is already implemented, albeit dynamically and without iproute2 support.

Take a look at the "# Whitelist the DNS server(s)" and the following "# Automatically whitelist LAN of all up interfaces" sections of <http://sourceforge.net/p/peerguardian/code/ci/master/tree/pgl/pglcmd/pglcmd.lib>.

For the latter to work, you need the optional net-tools package which provides the required ifconfig.

Of course, you could submit your one-liner as a patch against pglcmd.lib to get rid of this obsolete dependency :-)

vee.aur commented on 2014-04-23 23:13

Idea: how about an option to pre-populate the allow.p2p with something like this: echo -e "$(cat /etc/resolv.conf) \n$(ip route) \n$(ip a | grep inet)" | /bin/grep -Eo "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | sort -nu


in the build:

for x in $(echo -e "$(cat /etc/resolv.conf) \n$(ip route) \n$(ip a | grep inet)" | /bin/grep -Eo "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | sort -nu); do
echo "self:$x-$x" >> pglcmd/allow.p2p
done

vee.aur commented on 2014-04-23 23:08

Idea: how about an option to pre-populate the allow.p2p with something like this:

echo -e "$(cat /etc/resolv.conf) \n$(ip route) \n$(ip a | grep inet)" | /bin/grep -Eo "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | sort -nu

msx commented on 2013-10-16 03:23

"(if only developers would realize how unreasonable it is to start a firewall after the network is up…)"
Totally, as transmissions that are already initiated won't break up just because a firewall is started later :S

Anyways, I just stopped by to thank you for creating the build scripts.

Gilrain commented on 2013-07-04 08:41

No, it was never needed. UFW loads ip(6)tables through its own scripts.
Furthermore, the service file now lists 8 iptables based firewalls by default to ensure pgl is properly set up (if only developers would realize how unreasonable it is to start a firewall after the network is up…).

graysky commented on 2013-07-03 19:36

@Gilrain - For users of ufw, is it still recommended to create:
/etc/systemd/system/pgl.service which contains the following?


.include /usr/lib/systemd/system/pgl.service

[Unit]
After=iptables.service

Gilrain commented on 2013-06-13 07:13

* 2.2.2-6 :
definitely solves the initial blocklists download problem (TimeoutStartSec=0),
iptables and shorewall added to firewalls list.

graysky commented on 2013-06-03 19:44

Nice, thank you for the quick fix, Gilrain.