As you may know, it's always good to have an IP filter with an up-to-date blocklist to avoid taking risks when P2Ping, with the RIAA and anti-P2P organizations like MediaDefender and BayTSP around. Here's a tutorial about how to protect yourself from these dangers. In it we'll cover how to block harmful IP ranges using the P2PFire program, because it is free and open-source, doesn't slow down your connection like PeerGuardian if you haven't applied the TCP/IP half-open connections patch, and uses less than 6MB of RAM and 1% of CPU under heavy traffic. Note that it only works under Windows 2000, XP and 2003.


Get P2PFire. Its official site is p2pfire.sf.net (http://p2pfire.sourceforge.net/). But it is only available in Spanish there; so I've made an English translation you can find at 3652


Get an updated blocklist, it can be in guarding.p2p or ipfilter.dat format. Some places where you can do this are:


http://www.emule-security.org/
https://www.iblocklist.com/lists


If you know about other up-to-date lists, please tell me. As of May 2018, I only know these two.


Open the P2PFire archive, and extract its contents to a new folder.


Open that folder and extract (or copy) the blocklist you downloaded in step 2 inside. You should now have a file called guarding.p2p or ipfilter.dat along P2PFire.exe and P2PFire.sys. If your blocklist is called something else, rename it accordingly.


Run P2PFire.exe. The program's main window should appear. If in the log (right side) everything looks good, for example:


P2PFire 1.4.beta x86 (hybrid)
(C) 2004 - 2006 ModMa Technologies

System running on administrator account with all privileges.
P2PFire.sys load: OK

Detected driver: Windows NT x86 (Win32)

Config sent to driver: OK
...

Blacklist filter transfer: OK - xxxx filters
Filter start: OK

Internal driver link: OK
Automatic filter index: ON
Processor clock speed: yyyy MHz

The program is up, running and ready to block IP ranges. To test it, you can ping an IP that's in your blocklist:

Go to Start -> Run... -> type cmd and press Enter.
In the command prompt window, type ping [blacklisted IP here] and press Enter.

You should get a "destination host unreachable" message every time, and entries in P2PFire's log window. This means it's working.


You may want to go to Options -> Configuration, and set things to suit your taste:


http://www.sb-innovation.de/attachment.php?attachmentid=18870

Explanation:



Minimize to Taskbar on startup
Minimizes the program to a taskbar button when it is first started.


Minimize to taskbar on close
Minimizes the program to a tray icon when you click the close button.


Flash traybar on event
Shows a flashing yellow "!" tray icon on events.


Reduced logs (recommended)
Shortens events in the main window to just one line of text. I recommend you turn this on, or else your log will fill up very quickly.


Process driver's internal log
Shows some kind of debug info in the log area.


Allow connections to ports 80 and 443
Lets you connect to blacklisted IPs, but only on said ports. Can be useful if a web server you need to access is blocked by your blocklist.


Allow FTP connections
Lets you connect to a blacklisted IP, but only to port 21 (FTP). Can also be combined with the option above.


Block NetBios
Blocks the NetBios protocol in ports 135, 137, 138, 139 and 445 for both inbound and outbound connections. Don't enable this if you're in a LAN sharing resources.


Filter optimizer
Cleans up your blocklists by removing repeated entries and overlapping ranges every time P2PFire is run.


Discard IANA ranges in ipfilter.dat
IP ranges flagged as IANA in ipfilter.dat blocklists will be ignored.


Protocols you DON'T want P2PFire to filter: (doesn't affect NetBios) [TCP, UDP, ICMP, Others]
Won't filter connections to blacklisted hosts that use these protocols. It's not recommended to enable any of these.


Tips:

To temporarily stop filtering without closing the program, go to Options -> Stop filtering. You can then resume it with "Start filtering".
Unless you want to know everything about every blocked connection, it's a lot better to enable reduced logs.
If you could visit some Web sites before but not now (because they're in the blocklist), yet don't want to remove them from your list to avoid opening a gap in your protection, you can enable the "Allow connections to ports 80 and 443" option.
If you tick "Minimize to Taskbar on startup" and make a shortcut in your Startup folder to start P2PFire minimized (see 41519), you can silently open the program along Windows: it'll go straight to a notification area icon as soon as its filtering engine starts running.


If you see a typo, broken link or anything wrong in this post, or have a suggestion, problem with the program, etc., please post here.

What a Handy TuT anon,Ive never used p2pFire before but im gonna use this simple manual for effecient experience of this great tool :top:

what have you been using to block bad IPs so far?

no never used a tool to block bad IPs since Im on a fixed IP that changes barely only when I restart my router,tho I dont think I get any bad ones :tongue:

tho I dont think I get any bad ones :tongue:

LOL no, i think you got me wrong. blocking bad Ips isn't about what address YOU have, but about not making contact with other harmful (antip2p organizations' and the such) ones!

i recommend you get P2PF and a blocklist r8 now :biggrin:

I tried PG but im using vista and they says PG does not work well with vista. will try this P2Pfire soon. Is it in english? or only spanish? because you said you only finish tranlating abt 70%

btw, nice TuT anon

The original version is in spanish, but I have translated it to english (the "beta" translation is like 80% done, because weird things happen if I touch the strings associated to global stats).

I don't know if it works in Vista, please try... :top:

LOL no, i think you got me wrong. blocking bad Ips isn't about what address YOU have, but about not making contact with other harmful (antip2p organizations' and the such) ones!

i recommend you get P2PF and a blocklist r8 now :biggrin:

LOL I totally misunderstood that tool,anyway thanks alot buddy for confirming,in that case yeah I guess I will install it :biggrin:

@anon PG doesn't slow down my download speed and I don't have downloaded any kind of patch.

@Options I run PG on a 32-bits Vista for over 2 months now and I didn't have a single problem with it.

Will test later if p2pfire works on Vista.

~Logitech

@anon PG doesn't slow down my download speed and I don't have downloaded any kind of patch.

I guess it depends on how many IPs PG is blocking, but its developers confirm this (possible) network slowdown in the FAQ:


PeerGuardian is slowing down my connection!

This occurs because of the way PeerGuardian blocks packets, not connections. A work around is being developed, but until it is available you may want to apply the lvlord.de patch.

----------


Will test later if p2pfire works on Vista.

Thanks :top:

Sorry anon I can't get it to work on 32-bit vista.
I got both files and renamed them correctly and put them in the main folder.
This is the error that I get.

Filter start: ERROR, CODE: DRV_ERROR_IO (-9)
A fatal error occured: line 390, file .\FireObj.cpp
- Filtering engine stopped -Stop filtering: OK

I don't know if you have compiled it, but it looks like the error is in FireObj.cpp on line 390.
If you have translated p2pfire by changing the source code maybe you have renamed something wrong.

Will now test if the spanisch version works.

Edit:

Spanish version doesn't work either on vista keep getting the same error but then in Spanish.
The program is last updated 2006-12-10 20:47 so they have probably not even tested it on vista.

Sorry anon I can't get it to work on 32-bit vista.
I got both files and renamed them correctly and put them in the main folder.
This is the error that I get.

mostly like if it's not a vista compatible software it would not work at all

Yea most of the time if they don't have tested it on vista it wont work at all, but then I think what did they do that vista can't even work with xp only apps.

Sorry anon I can't get it to work on 32-bit vista.

:frown:


I don't know if you have compiled it, but it looks like the error is in FireObj.cpp on line 390.
If you have translated p2pfire by changing the source code maybe you have renamed something wrong.

No, I carefully used a Hex-editor... since spanish is a "long" language almost every string was possible to be translated without space issues :smile:; that was better to avoid having problems like what you mentioned...

thANKS anon....such a nice Tut...it is good in some ways since it only requires small amount of memory, not like PG2

For me it's using 3.6MB RAM right now (just started my comp) :biggrin: And under heavy IP-blocking activity, I have never seen it go higher than 5MB and 1% CPU (which is probably because Windows's Task manager can't show decimal numbers so it rounds up to 1, but P2PF's main window shows a 0.1% usage) :top:

This tool seems interesting:top:.But would it not be easier to import block list simply into a firewall?

How?
The firewall would need to have an IP blocking module anyway.
The Blockpost plugin adds that functionality to Outpost v4, for example, but makes it work like PG, blocking packets and not connections.
I chose this tool because it blocks connections instead, and has an extremely low CPU and RAM usage.

I have the newest outpost 2009 and under settings is this IP blocklist.Can't i just import list there under edit host list?

http://img177.imageshack.us/img177/1160/318ht4.png (http://imageshack.us)

You could, if you prefer it that way.
But I don't know what format OP2009 uses for its blocklists. Maybe this on-line converter (http://www.bluetack.co.uk/converter/index.php) helps you.

And I'd untick the 2 checkboxes at the bottom of that config window, or else you most likely would end up with huge logs and be bugged by hundreds of warnings.

Maybe this helps you explain it better:

IP Blocklist
This Monday we’re revisiting a feature that originated as a third-party plugin as part of Outpost 2008 and has now been revamped for the 2009 product. Here’s a little history.

The Blockpost plugin was originally developed by an Outpost fan and was designed to prevent any installed software from accessing malicious web sites or ad networks by using a blacklist of IP addresses. Many of you wanted to see this feature as an integrated part of the Outpost products, but there were compatibility issues with Outpost 2008 related to support for Vista, IPv6 and x64 systems. We were able to resolve these issues, and as an integrated module in Outpost, Blockpost now works faster, is more reliable, and fully supports the new technologies.

Blockpost’s IP address blacklist is completely user-controlled and user-generated. You can upload your own lists of infective IPs, even define a range of IP numbers that you consider unsafe. And you don’t have to spend extra time creating rules - there are text-based lists of bad IPs easily available on the Internet. But we recommend you double-check the IPs before adding them to the blacklist - some lists are old and the IP addresses on those lists may have become legitimate in the meantime.

In summary, Blockpost saves you time and trouble by ensuring that the websites you visit are legitimate, supports the new Outpost architectures, and provides more control and stability for your browsing.

In Outpost 2009, we’ve embedded the Blockpost functionality into the IP Blocklist tab on the Firewall menu. Using the Add button, you can specify host addresses as IP, IP range, IP with mask, and domain name; the Remove button deletes any selected address from the list, and Removal all clears the entire list. The Export and Import buttons save or upload lists of addresses in or from a file respectively. The lists for the old Blockpost plug-in are fully compatible with the new module.

Blocking events are added to the Packet Log as Blocked according to IP Blocklist. The ability to log the blocking event or show a corresponding alert are controlled by the Log the dropped packet and Show visual alert when packet is dropped options

Under import list says it needs ist.,txt.,dat file.So on that site you gave me, what to select?

Yea and what list to import,Level 1,iana....
just readed this
WITH IP BLOCKLIST CAPABILITY - PEERGUARDIAN LIST COMPATIBLE,yupi

Seems it uses the Blockpost format, then.

* In the on-line converter, choose "PeerGuardian plain text" as source format, and "BlockPost plugin for OutPost v2" as output format.
* Download PG's main level1 list here (http://peerguardian.sourceforge.net/lists/p2p.php) (it's a 7z archive, so you'll need 7-Zip (http://www.7-zip.org/) or WinRAR to unpack it)
* Open the file inside with Wordpad (Notepad will take forever to load the file).
* Copy all its contents.
* Open the on-line converter, go to the "Source list" tab and paste the text you've copied in the text area.
* Click the Convert button below.
* Go to the "Output" tab, select everything that's inside the text field and copy it.
* Open Notepad, paste it, and save it to a file.

Then you can tell Outpost to import that file as a blocklist, and everything should work.

Edit: just seen your edit.
If it's PG compatible, you can disregard everything I have posted, just import a PG list and done :biggrin:

Im using this Blocklist manager from bluetack.it can automaticaly find new sources and update lists for applications i use eg.my firewall.so i just need to select now source level 1, outpost blockpost v2,the location where the file will be und update.

http://img205.imageshack.us/img205/2063/318mn5.png (http://imageshack.us)



http://img205.imageshack.us/img205/2050/319yb4.png (http://imageshack.us)

And i can now turn off safepeer in vuze?firewall should now take care off it,right

It would be good to give a tutorial about this Level1, IANA,SPIDERS list..what to use and what for:wink:

Im using this Blocklist manager from bluetack.it can automaticaly find new sources and update lists for applications i use eg.my firewall.so i just need to select now source level 1, outpost blockpost v2,the location where the file will be und update.

(pics)

Sounded good and like it will save you a lot of work :smile:
But in the 2nd pic you haven't specified Outpost's directory... or did you just conceal it from the image?


And i can now turn off safepeer in vuze?firewall should now take care off it,right

Yes, you can even uninstall Safepeer to save resources, as Outpost should take care of all IP blocking now.


It would be good to give a tutorial about this Level1, IANA,SPIDERS list..what to use and what for:wink:

Here you are:


LEVEL 1 BLACKLIST

Companies or organizations who are clearly involved with trying to stop filesharing (e.g. Baytsp, MediaDefender, Mediasentry a.o.).
Companies which anti-p2p activity has been seen from.
Companies that produce or have a strong financial interest in copyrighted material (e.g. music, movie, software industries a.o.).
Government ranges or companies that have a strong financial interest in doing work for governments.
Legal industry ranges.
IPs or ranges of ISPs from which anti-p2p activity has been observed. Basically this list will block all kinds of internet connections that most people would rather not have during their internet travels.

PLEASE NOTE: The Level1 list is recommended for general P2P users, but it all comes down to your personal choice.

LEVEL 2 LIST

General corporate ranges.
Ranges used by labs or researchers.
Proxies.

LEVEL 3 LIST

Many portal-type websites.
ISP ranges that may be dodgy for some reason.
Ranges that belong to an individual, but which have not been determined to be used by a particular company.
Ranges for things that are unusual in some way. The L3 list is aka the paranoid list.

SPYWARE LIST

This list is a compilation of known malicious SPYWARE and ADWARE IP Address ranges.
It is compiled from various sources, including other available Spyware Blacklists, HOSTS files, from research found at many of the top Anti-Spyware forums, logs of Spyware victims and also from the Malware Research Section at Bluetack.

DShield Recommended List

This list contains known Hackers and such people in it.

Microsoft List

This list covers the known Microsoft Corp ranges that are not on Level1, as well as their known associated IP ranges from around the world.

AD TRACKERS

This list is constructed to block connections from advertising - marketing research data tracking sites, bad pop-ups...

Educational Institution Ranges - EDU

This list contains known Educational Institutions - University IP ranges - Educational Networks - School Districts a.o..

Tor / Proxy List

This list has been compiled from a list of Tor servers and various other proxy servers.

SPIDERS LIST

Automated software programs also known as spiders or bots, survey the Web and build their databases for search engines and some are used to track people down to automatically serve them with copyright violation notices. This list is intended to be used by webmasters to block hostile spiders from their web sites.

PLEASE NOTE: Google and other search engines are blocked by this list.

Master Exclusions

This is a list of websites and other IP's some people may not want to block.

Range Testing

This list contains addresses of suspicious IP's that are under investigation.

IANA - Bogon - Hijacked - Non-LAN lists

Internet Assigned Numbers Authority (IANA) List

These are the Internet Assigned Numbers Authority lists. They are for reserved listings and IP addresses that are supposedly not in use as of yet. This list (IANA Private) and possibly the other IANA lists contain IP Ranges that will conflict with your connection if you are one a home network or a company network. You should add the IPs or Ranges that belong to your network to your Exclusions list in the Blocklist Manager.

Bogon List

Contains known Bogon IP-Blocks.

From CompleteWhois:


Bogons is the name used to describe IP blocks not allocated by IANA and RIRs to ISPs and organizations plus all other IP blocks that are reserved for private or special use by RFCs (the actual term bogons comes from word bogus, as in bogus IP announcements). As these IP blocks are not allocated or specially reserved, such IP blocks should not be routable and used on the internet, however some of these IP blocks do appear on the net primarily used by those individuals and organizations that are often specifically trying to avoid being identified and are often involved in such activities as DoS attacks, email abuse, hacking and other security problems. These activities obviously pose great danger to everyone and ISPs should try to filter all these bad IP routes and we are trying to help in that by working to create complete detailed list of unassigned bogon ips based on whois data.

In other words, if you get hit by an IP address from this range, then they have spoofed their IP address and they, most likely, are trying to do something untoward.

Hijacked List

Contains hijacked IP-Blocks and known IP-Blocks that are used to deliver Spam.

From CompleteWhois:


Hijacked IP space are IP blocks that are being used without permission by organizations that have no relation to original organization (or its legal successor) that received the IP block. In essence it's stealing of somebody else's IP resources.

These ranges are being used illegally and are most likely being used for illegal activities. They should not be being used and should therefore be blocked.

Non-LAN List
This list blocks LAN [Local Area Network] IP ranges. It is only recommended for use by people that do not have home networks and want to block the IANA Private address ranges which should not be used on the internet.

But in the 2nd pic you haven't specified Outpost's directory... or did you just conceal it from the image?

I have not yet try it for outpost.used it for safepeer.will add it now.

will post if something goes wrong:wink2:

OK, add it, then untick the Safepeer checkbox and uninstall it [safepeer] :biggrin:

Ok here we go,first problem, i downloaded that level 1 and import it to blocklist.
It blocks my nod32 update.i have take a look in that list and there are listed several names under eset.wich one to add to exclusion list now,all or just one that its blocked?

http://img119.imageshack.us/img119/3497/19fe8.png (http://imageshack.us)

Problem two,xfire cant connect to server.there are also several items under same name listed.wich one to remove?

http://img409.imageshack.us/img409/7545/191lk2.png (http://imageshack.us)

http://img409.imageshack.us/img409/8385/196zn8.png (http://imageshack.us)

:sos:

It blocks my nod32 update.i have take a look in that list and there are listed several names under eset.wich one to add to exclusion list now,all or just one that its blocked?

...

Problem two,xfire cant connect to server.there are also several items under same name listed.wich one to remove?

....

Unblock all entries for both.
PG's manual acknowledges that Steam, Xfire and ArenaNet connectivity, among others, is blocked. And you're using the same blocklist PG uses...

And also now i see that it blocks sun microsystems.i googled a little bit and find that they developed java.so i assume to unblock that to?

Sorry i beeing so bored:sorry:

It's OK ;)
Yes, you may also want to unblock Sun, as you'll be most likely unable to download/update Java if you don't.

Hey Anon, would you say this is better than PeerGuardian?

I'd dare to say so :smile:

Good! I'll try your tutorial tommorow morning

Can someone tell me hpw to make this program start at Windows startup? :redface:

Create a shortcut of the app in:

%appdata%\Microsoft\Windows\Start Menu\Programs\Startup\

, that should work. :wink:

Create a shortcut of the app in:

%appdata%MicrosoftWindowsStart MenuProgramsStartup

, that should work. :wink:
I have no idea what you just said :stupid: :redface:

Create a shortcut of this app.

Copy/move this shortcut into this directory:

%appdata%\Microsoft\Windows\Start Menu\Programs\Startup\

LOL, sorry, took me a while to get it :biggrin:

Thanks shoulder :wink:

@yoco: if you tick the "Minimize to Taskbar on startup" checkbox in the program's options, it'll silently go straight to the notification area the second its blocking engine starts running. Maybe you find this useful if you have a lot of programs set to start with Windows :top:

I allready had that ticked, but I don't remember showing at taskbar :confused2:

Must be because it started so fast, that you couldn't see its Taskbar button before it "iconized" itself to the notification area. :biggrin:
And that's good :top:

The tutorial has been updated, revised and cleaned like I did with the semi-anonymous torrenting one. It looks much better now :smile:

Hey! I get this error when I restart my PC and P2Pfire starts.
http://shrani.si/f/25/2K/4vmlKG0G/p2pfire.png

Open the shortcut's properties and look for the "Start in" field, below "Path". It should point to P2PFire.exe's folder, for example "C:\P2PFire" if that's where you've extracted the program.

Sorry for really late reply. I fixed the problem, I mixed something. Thank you Anon for your help :top:

Is it possible to implement "update from url"?
I found a great site: iblocklist.com. they have a huge amount of lists, but don't let you dl them. They only liet you uodate from url.

This tool's coder has been inactive since 2006, so I doubt he will implement that feature even if he saw your request. But you could write a .bat that uses wget to download I-Blocklist's lists, then start P2PFire.

Would BLM work?

@Grambo: The site you discovered seems to be pure gold. :top:

I think it would be fine if in a next version of e.g. emule (or in a next mod ?) it would be allowed to define a list containing url of IPfilters, that the client would merge each time it were launched.

I think it would be fine too, to define a white list of IP's: Sometimes there are false positve in these lists (one times, Peerates server was IPfiltered).

I'm glad you find it useful.:smile:

I think it would be fine if in a next version of e.g. emule (or in a next mod ?) it would be allowed to define a list containing url of IPfilters, that the client would merge each time it were launched.

Correct, as far as I know there's no eMule mod allowing this at the moment, but it's possible to work around this using P2PFire (a system-wide IP blocker), with the official PG lists, at least:

Get a copy of Wget for Windows (http://pages.interlog.com/~tcharron/wgetwin.html) and 7-Zip (http://www.7-zip.org/).
Copy wget.exe to P2PFire's folder.
Install 7-Zip, and copy 7z.exe and 7z.dll to P2PFire's folder.
Open Notepad.
Type this:

rem this is the level1 list
wget http://peerguardian.sourceforge.net/lists/p2p.php
rem this is the edu list
wget http://peerguardian.sourceforge.net/lists/edu.php
rem this is the spy/malware list
wget http://peerguardian.sourceforge.net/lists/spy.php
rem this extracts the level1 list
7z x level1.7z
rem this extracts the edu list
7z x edu.7z
rem this extracts the spy/malware list
7z x spyware.7z
rem merges the 3 extracted files into one
copy /y level1.+edu.+spyware. guarding.p2p
rem runs p2pfire
start p2pfire.exe
rem you can also run other apps before finishing the program:
rem start "S:emule sbi leecheremule.exe"
rem start "C:program filesmozilla firefoxfirefox.exe"
rem etc...

Save the file as

"updlists.bat"

with the quotes! You can give it another name if you want, as long as the resulting file is a runnable .bat.

Now, if you use this .bat to run P2PF, it should automatically download and merge the P2P, educational and spyware blocklists into one file, before starting the IP blocker.


I think it would be fine too, to define a white list of IP's: Sometimes there are false positve in these lists (one times, Peerates server was IPfiltered).

It's possible to make a blocklist work as a whitelist by renaming it to white.p2p and loading it in P2PFire, maybe you can play around with that:

peerates web server:88.191.92.222-88.191.92.222
peerates ed2k server:88.191.81.111-88.191.81.111

By the way, does P2PFire works or not on Vista 64? I read something about Vista32, but it seemed not conclusive. Any help? My machine is a little weird, it has Vista64, but only Java 1.4, therefore I'm almost sure I gonna have a lot of compatibility issues with p2p apps like Azureus. Its sad but I can't change its configuration, because more people use it and the system should stay like that.
Regards,
fw190d9

Only the driver is available in 64-bit format - the frontend (i.e. UI) isn't. Anyway, according some tests it doesn't work with Vista at all... :frown:

The latest Azureus has built-in IP blocking functionality though (SafePeer is no more), maybe you can use that instead.

Hi anon I've just found out another site that Updates their IP Filter Lists and its updated, they have also a format available for emule, peerguardian and utorrent client. Here is the site address:


http://nexus23.org/warfare/content/view/17/34/

Thanks, added. :top:

your welcome anon. :wink:

Unfortunatly it blocks my MSN Messenger traffic too :|

Or is it my IP list thats causing this?

Thanks for the tut though :)

Unfortunatly it blocks my MSN Messenger traffic too :|

Or is it my IP list thats causing this?

Yes, it's your blocklist. Use a less aggressive one.

to be honest i want to know what is the difference between p2pfire and peerguardian
i use peerguardian i would like to know is p2pfire better if yes how and what are its advantages since i would change only if its better else happy with peerguardian

to be honest i want to know what is the difference between p2pfire and peerguardian

PeerGuardian blocks traffic. P2PFire blocks connections, so it shouldn't slow you down if you haven't applied the max half-open connections patch, or kill your connection if you try to connect to a lot of blocked IPs from behind a router.


i use peerguardian i would like to know is p2pfire better if yes how and what are its advantages since i would change only if its better else happy with peerguardian

Well, P2PF doesn't have some of PG's features like the list manager, automatic updates, etc., but its driver is much more stable - PG's often locks up and forces you to reboot your PC before it'll work again.

so p2pfire much better in keeping my privacy and saving my ass of those MPAA and riaa people

Essentially - you won't even connect to them. :tongue:

Hi anon I've just found out another site that Updates their IP Filter Lists and its updated, they have also a format available for emule, peerguardian and utorrent client. Here is the site address:


http://nexus23.org/warfare/content/view/17/34/

I've been using this IPfilter, is not as agressive as the regular one, and it is usually updated 2-3 days after a new emule ipfilter is released. :top:

Hosted at Sourceforge:
SourceForge.net: IpfilterX-u23 (http://sourceforge.net/projects/ed2k-ipfilterx/)

Added, thanks. :top:

how do i combine all these list? do i just put the .p2p file in the folder?

No, P2PFire doesn't load any other blocklists than a single guarding.p2p or ipfilter.dat.

It isn't advisable to append a list to another one, but you can achieve it by opening a cmd window, cding to the P2PF directory, and using the following command:

copy list1+list2 list3.p2p

Replace the filenames as appropiate.

anon's way is better than pure ipfilter.

My way = that custom guarding.p2p file?

It could use an update :tongue:

How?
The firewall would need to have an IP blocking module anyway.
The Blockpost plugin adds that functionality to Outpost v4, for example, but makes it work like PG, blocking packets and not connections.
I chose this tool because it blocks connections instead, and has an extremely low CPU and RAM usage.

This is an interesting difference between PG and P2PF.

What about the IP filtering option in eMule ? Doest it block connections to bad IPs, or only packets ?

What about the IP filtering option in eMule ? Doest it block connections to bad IPs, or only packets ?

It blocks them at TCP level = connections.

Can anyone please help me out? I am new to this, and I would greatly appreciate it if anyone can help me. I am using Vista Home Premium 64 bit.
I followed everything but I am stuck at the step when I first start to run the p2pfire.exe file. This is the message it shows:

http://i31.tinypic.com/2uz2j69.jpg

I did restart the program many times but it still shows the same message. I would really appreciate it if anyone can help me out.

Thanks

Unfortunately, P2PFire doesn't work on Vista. But you can try PeerBlock, the PG2 fork that does.

use ipfilter.dat in vuze & utorrent both ..pg dont know how to use that software..thats why..leave it

pg dont know how to use that software..

Tutorial: How to install and configure PeerGuardian 2 (http://forum.vladd44.com/tutorial-how-install-and-configure-peerguardian-t6924.html)

You should be fine with the IP Filter, though. It has the advantage of only blocking hosts for the P2P client.

Peerblock is much better than Peerguardian.

quick question, i downloaded the ipfilter.dat, and it looks like it's working fine. do i really need the *.p2p inside the p2pfire dir to make it better? so just 1 ipfilter.dat file will do the p2p protection job, won't it?

regards, and thanks so much, anon, you opened my eyes... and it just feel a bit weird, cause i don't use toilet ducks to wipe my eyes.:wink2:

do i really need the *.p2p inside the p2pfire dir to make it better?

No. More than a single blocklist is overkill.


regards, and thanks so much, anon, you opened my eyes... and it just feel a bit weird, cause i don't use toilet ducks to wipe my eyes.:wink2:

What's up with you thinking I'm a rubber duck? :tongue:

not a rubber duck, Toilet Duck is a brand :cool2: LOL

oops double post, I fail

### EDIT: original post

I've got the program running fine, but I cannot surf the web while it is running. I'm assuming P2PFire is blocking something that's causing this to happen, but I can't figure out what!

I'm assuming P2PFire is blocking something that's causing this to happen, but I can't figure out what!

That's what the log window is there for...

No. More than a single blocklist is overkill.


I which measure ? what exactly is overkilled ? Some ipfilter are complementary each others; moreover, (if I well understand) P2PFire built its own "optimized ipfilter" (the union of the files ipfilter.dat, block.p2P and guarding.p2P, minus white.p2P, with redundancies eliminated) and works with it. So the only overkill risk I see is that the "optimized ipfilter" might filter too many good IPs, but this can happen with a sole ipfilter as well as well (e.g. a sole ipfilter.dat, with a sole line: 000.000.000.000-255.255.255.255).

I which measure ? what exactly is overkilled ?

I meant more in an optimization sense, since ipfilter files tend to be anywhere in the 10+MB region nowadays (with the notable exception of the light but working IpFilterX). Adding two or more of those together without cleaning up would end with a huge file - although that shouldn't be a problem if you let P2PFire optimize the lists as you mentioned. (Other IP blocking programs don't have that built-in!)

However, I think the results would be more or less the same as when using a "paranoid" ipfilter, so it may not be worth the hassle.

Hello fellas,

I cant use p2pfire because i use windows 7 . I installed peerblock . Is it ok or p2pfire is better ? What do you recommend me ?

Thanks

I cant use p2pfire because i use windows 7 . I installed peerblock . Is it ok or p2pfire is better ? What do you recommend me ?

PeerBlock works on Windows 7. P2PFire doesn't. Logic kind of says PeerBlock is better. :unsure:

Yes, I just checked myself and indeed P2PFire doesn't work on Windows 7, as expected.

I updated the list of ipfilter.dat addresses. Two were dead and one changed its URL.

hey guys i have tried to install this and all i get is it reports error and asks mwe to restart the application P2PFire.sys load: ERROR, CODE: DRV_ERROR_STARTING (-6)13410

P2PFire doesn't work on Vista and above, and there have been no updates since 2006.

Use Peerblock, it's just as good.

awesome thanks m8 still a noob thats willing to learn thanks for this m8

I use the gaurdian.p2p file with the ipfilter feature of vuze directly .. Is it safe enough ?

Keep the blocklist updated, and you will receive all the security an IP filter can give you.

Keep the blocklist updated, and you will receive all the security an IP filter can give you.

I configured Vuze to download the filter automatically from http://emulepawcio.sourceforge.net/ipfilter.zip every 7 days .

Does IP filter give any security? They can log my IP without direct connection and they can use IP outside of blocked range.

It's not perfect at all, but it's a decent and easy to implement protective measure.

From what I've read these ip blocking measures now have become nearly pointless.. sorry for resurrecting dead threads.. but especially if im not using public trackers (without a vpn) just private ones... correct?

From what I've read these ip blocking measures now have become nearly pointless.. sorry for resurrecting dead threads.. but especially if im not using public trackers (without a vpn) just private ones... correct?

As long as blocklists continue to be updated, I wouldn't call it pointless. A lot of people use IP filters and a VPN, but the former was never bulletproof, just a good additional security measure.

Also, private trackers aren't the safe haven of piracy you might think, especially not nowadays. Germans couldn't download from the oh so elite SCC without getting a "strike" from copyright agencies. Other stories of people getting warnings for their activity on the (concededly less elite) IPT and TL abound; in one instance the tracker in question was even mentioned by name.

It's a safe bet that most private trackers are infiltrated to some degree. Finding invites isn't that hard, and they've all had open signups at some point. Remember the 2007 MediaDefender leaks? Those guys were active on several invite-only sites, with residential IPs, "normal" e-mail addresses and a snatchlist you wouldn't look twice at.

Is peerblock good enough instead of p2pfire

Depends on your OS. P2PFire only works on Windows 2000, XP and 2003. PeerBlock supports more modern systems. Unfortunately both are unmaintained nowadays, so personally I just use the IP filtering feature built in to most major P2P programs.

You can also block addresses by adding invalid entries to your routing table, but that method isn't very friendly and doesn't scale well.

I can't believe I-Blocklist still has an annual subscriptions thing. It's been decades
Are there any better sources nowadays tho?

After googling i've came across a few interesting links:
BT_Blocklist Github (https://github.com/Naunter/BT_BlockLists)

OISDl (https://oisd.nl) this one is primarily for DNS&AD Blockers tho.

I can't believe I-Blocklist still has an annual subscriptions thing. It's been decades

IpFilterX also charges for all of their blocklists, but what are you going to do. The real question is how come Bluetack is still credited for regular updates to the level 1, 2 and 3 lists when they've ceased operations a long time ago.


Are there any better sources nowadays tho?

Try this special sauce.

359871

Thanks! Actually, how do you make all of these work with qbittorent? It returns "0 rules were applied' if i just rename .txt to .dat (it only works with .p2p .dat and .p2b)

Import the unmodified list(s) into 33978, export in the format qBittorrent expects.