Package Details: pgl-cli 2.3.1-2

Git Clone URL: https://aur.archlinux.org/pgl-cli.git (read-only, click to copy)
Package Base: pgl-cli
Description: Privacy oriented firewall (daemon and CLI)
Upstream URL: https://sourceforge.net/projects/peerguardian
Licenses: GPL3
Conflicts: pgl
Provides: pgl
Submitter: Gilrain
Maintainer: willemw
Last Packager: willemw
Votes: 25
Popularity: 0.000000
First Submitted: 2011-08-25 13:04 (UTC)
Last Updated: 2023-11-28 17:35 (UTC)

Dependencies (11)

Required by (0)

Sources (2)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 Next › Last »

Gilrain commented on 2013-06-03 09:12 (UTC)

* 2.2.2-5 : RemainAfterExit solves the startup timing out, fixed pgld.log access when using "pglcmd test", added tcptraceroute as an optional dependency.

Gilrain commented on 2013-06-02 16:30 (UTC)

When issuing a "pglcmd test", it looks for the results of the tests in the syslog or directly in pgld.log. By setting LOG_LOGFILE=0, it can no longer find the latter and since pgl is not journald aware the test fails. I will update the package to leave LOG_LOGFILE alone.

graysky commented on 2013-06-02 13:21 (UTC)

Ah, I see you did: http://pkgbuild.com/git/aur-mirror.git/commit/pgl-cli?id=31bda47ab7d1a25d185e86f58c89734673d1de68 If I remove those two sed lines in the build function, everything works as expected. Problem with my system or with your code?

graysky commented on 2013-06-02 13:19 (UTC)

This release adds problems for me; did you mess with syslog function? # pglcmd test Testing PeerGuardian Linux: CAUTION: This is just a simple test to check if PeerGuardian Linux blocks outgoing connections. For this, an IP from the blocklist will be pinged. Then the test checks if this IP appears in /var/log/syslog. pgld marks packets to be blocked. This means you have to make sure that the marked packets are also blocked later (with appropriate iptables rules). If you are using the default configuration and pgld is started after other firewalls this will be the case. This test does not check if you have sane iptables rules. Therefore success doesn't imply that everything is working as you expect it. Also have a look at "pglcmd status". Trying to ping 1.23.95.94 from /var/lib/pgl/master_blocklist.p2p ... /usr/lib/pgl/pglcmd.lib: line 2309: /var/log/syslog: No such file or directory /usr/lib/pgl/pglcmd.lib: line 2317: /var/log/syslog: No such file or directory /usr/lib/pgl/pglcmd.lib: line 2319: [: : integer expression expected pgld did not mark the IP to be blocked. 1.23.95.94 did not answer the ping. No clear test result! Trying "tcptraceroute -n -m 2 1.23.95.94 12345" now: tcptraceroute not installed.

Gilrain commented on 2013-06-01 11:48 (UTC)

Exactly, I was waiting for the imminent new release to upload this change, but jre seems to take his time ;-) * 2.2.2-4 : improved service menu to start after some firewalls forks service instead of using dbus pgld.log accessible through journald move everything to /usr/bin

graysky commented on 2013-06-01 10:10 (UTC)

Need to add '--sbindir=/usr/bin' to configure step to comply with new move to /usr/bin I think.

Gilrain commented on 2013-05-16 16:19 (UTC)

* 2.2.2-3 : deletes pgl spool on package removal, added condition checks to service file, updated dbus dependency (was dbus-core), initscript script and post upgrade notice removed.

graysky commented on 2012-12-01 13:55 (UTC)

This is a major failing of systemd... not having a firewall.target. Need to open a bug upstream. https://bugs.freedesktop.org/show_bug.cgi?id=57773

Gilrain commented on 2012-12-01 08:02 (UTC)

@tsr-nc: I've mixed feelings about your suggestion. It's true that pgl should be loaded after iptables rules are set up but I don't think it's up to the developer (or packager in this case) to list every conceivable iptables based firewall in "After=". Since the choice of firewall is left to the user, maybe it's best to let him or her edit pgl.service to suit their need. Although, a "firewall.target" could be a good compromise, beyond the scope of this simple package. However, I will edit the wiki page to mention that it might be a good idea to list other firewalls in "After=" (be they ufw, shorewall, etc.). Here's the short of it: - Create "/etc/systemd/system/pgl.service" with the following content: .include /usr/lib/systemd/system/pgl.service [Unit] After=iptables.service - Issue "# systemctl reenable pgl.service" to activate it.