2.3 KiB
Installation
Prerequisites to install
On Ubuntu/Debian the required packages will be installed by:
apt-get -y install git iproute2 php-cli wget curl
On RedHat/CentOS the required packages may be installed by:
yum -y install git iproute2 php wget curl
This daemon needs PHP, tested with 5.6, 7.4 and 8.2.
It may work with other versions or it may not work ;)
It needs php-cli residing in /usr/bin/php. You can check it by running:
/usr/bin/php -v
Also needs the "pcntl" PHP extension, check it by running:
php -i | grep "pcntl support"
On Linux it needs the "iproute2" package, check it by running:
ip route show
Oh, and btw. it will need "git" command, check it by running:
git --version
Quick and fast install (deb)
apt-get -y install git iproute2 php-cli wget curl
git clone https://git.funil.de/sinuspl/bgpblist /opt/bgpblist
cp /opt/bgpblist/etc/default/config.ini /opt/bgpblist/etc/config.ini
cp /opt/bgpblist/etc/systemd/bgpblacklist.service /etc/systemd/system/bgpblacklist.service
systemctl daemon-reload
systemctl enable bgpblacklist.service
systemctl start bgpblacklist.service
Long install with config
First, checkout the repository:
git clone https://git.funil.de/sinuspl/bgpblist /opt/bgpblist
Copy the default config to create your own:
cp /opt/bgpblist/etc/default/config.ini /opt/bgpblist/etc/config.ini
Edit the config.ini, if you are a customer:
vim /opt/bgpblist/etc/config.ini
If not, dont't edit it, it will use the defaults. Edit it, particulary, when you have an user uuid from the site.
Default is "00000000-0000-0000-0000-000000000000" and it gets all feeds by default without any registration.
Copy the systemd unit file:
cp /opt/bgpblist/etc/systemd/bgpblacklist.service /etc/systemd/system/bgpblacklist.service
Reload the systemd:
systemctl daemon-reload
Enable the unit:
systemctl enable bgpblacklist.service
Start the daemon:
systemctl start bgpblacklist.service
Init and not systemd
There is also an Init version of the script
ln -s /opt/bgpblist/etc/init.d/bgpblacklist /etc/init.d/bgpblacklist
Use your system's way to enable that, e.g. with "update-rc.d"
Check at the end
Run this to check if it blocks nets and IPs:
ip route show | grep prohibit