Package Details: pgl 2.3.1-1

Git Clone URL: https://aur.archlinux.org/pgl.git (read-only)
Package Base: pgl
Description: A privacy oriented firewall application (GUI).
Upstream URL: http://sourceforge.net/projects/peerguardian/
Licenses: GPL3
Conflicts: pgl-cli, pgl-git
Submitter: Gilrain
Maintainer: Gilrain
Last Packager: Gilrain
Votes: 31
Popularity: 1.751680
First Submitted: 2011-08-25 13:05
Last Updated: 2016-01-14 14:40

Latest Comments

Dawa commented on 2016-02-28 02:35

Just confirming that lwinch2006's ASCII-only blocklist works with no errors. Definitely the unicode characters in the default blocklists causing the "broken pipe" problem.

lwinch2006 commented on 2016-02-27 17:07

Hello.
I have experienced this problem with "no valid ASCII format" recently too
"
WARN: No valid ASCII blocklist format line:
cat: write error: Broken pipe
"

As I have discovered this happens because of the many non-ASCII symbols like "¬ ® µ ¼ Ñ" and others that appears in blocklist files and that PeerGuardian cannot parse while constructing master blocklist. As it has happened just recently I can suppose that blocklists have been updated on https://www.iblocklist.com/lists with many non-ASCII symbols and were downloaded as an update after this by PeerGuardian program.

So now I suppose the only way is to wait until lists on www.iblocklist.com will be fixed and all non-ASCII symbols will be removed.

Also if anybody know how to compile PeerGuardian with the support of Unicode please comment the method here.

As for me I've created manually a common blocklist that includes IP-ranges from the following blocklists presented below and manually deleted all non-ASCII symbolds from it. So in case anybody needs this blocklist too there is a link below for downloading.

Blocklists included in "full-ascii-blocklist.p2p"
bluetack_ads-trackers-and-bad-pr0n
bluetack_bad-peers
bluetack_bogon
bluetack_dshield
bluetack_edu
bluetack_for-non-lan-computers
bluetack_forum-spam
bluetack_hijacked
bluetack_iana-multicast
bluetack_iana-private
bluetack_iana-reserved
bluetack_level1
bluetack_level2
bluetack_level3
bluetack_microsoft
bluetack_proxy
bluetack_range-test
bluetack_spider
bluetack_spyware
bluetack_web-exploit
bluetack_webexploit-forumspam
cidr-report_bogon
dchubad_faker
dchubad_hacker
dchubad_pedophiles
dchubad_spammer
peerblock_rapidshare
spamhaus_drop

Link for the "full-ascii-blocklist.p2p"
https://www.sendspace.com/file/uffnr8

Dawa commented on 2016-02-24 15:11

I'm using the default blocklists available through pgl-gui's "Config" tab. My /bin/sh points to /bin/bash. Editing the first line of /usr/bin/pglcmd to #!/bin/bash had no effect. Also, it seems like pgl is only loading the ip ranges from the first blocklist it downloads. i.e. no matter what combinations of other lists I select, I get the error and pgl only loads the ips from the initial bluetack/ads-trackers-and-bad-pr0n blocklist. For now I've deselected everything but bluetack/level-1.

I checked pglcmd show_config and the IP_REMOVE field is blank.

jre commented on 2016-02-24 11:51

Either there is some unexpected problem with the blocklists that you want to use. Are they local or remote? Can you send me all URLs/filepaths?

Or the script code does not work for your shell. Which shell do you use (check where /bin/sh points to)? Test if it works if you force bash, edit /usr/bin/pglcmd and change the first line to:

#!/bin/bash

Then the probably problematic code is in pglcmd.lib:

cat --squeeze-blank $BLOCKLISTSCAT |
# Ignore comment lines
grep -Ev "^[[:space:]]*#"
[...]

BLOCKLISTSCAT yields the filepaths of all local and remote blocklists that are configured to be used (those in /var/spool/pgl/LIST/extracted/NAME). Maybe some shells have problems with the command being spread over several lines, including comments.

Disclaimer: your filepaths may vary, didn't check them for arch.

Just to be sure: I guess you don't have any IP_REMOVE settings? Check "pglcmd show_config".

Dawa commented on 2016-02-24 05:05

Been seeing this if I try to update the blocklists with more than one blocklist selected:

Building blocklist ...
WARN: No valid ASCII blocklist format line:
cat: write error: Broken pipe
WARN: No valid ASCII blocklist format line: Binary file standard input matches

...etc. The update "finishes" normally but the number of blocked IPs doesn't change after adding more blocklists, so something is failing.

glitsj16 commented on 2016-01-02 03:59

2.3.1 is out since 2015-11-17.

Gilrain commented on 2014-06-17 12:51

> The documentation ("Requisite") says the service will fail and there is no mention of 'retry'.

You're absolutely right but remember that there are 2 parts to pgl integration to systemd timer: a service and a timer.
Just like the "old" cron.daily script, the timer is programmed to be called every 24 hours if the system is on. It also emulates the anacron functionality to call the service if the system has been down for more than 24 hours.
So the retry should happen the next day at the earliest or as soon as the computer is on when the downtime is superior to 24h, just as (ana)cron used to do it (including failures when a connection wasn't established prior to launching the script).

So again and AFAIK, failure of the service is only temporary until another call is placed by the timer.

What I need to clarify is whether the network (and possibly timeout) checks are more appropriate in the timer or service file.

As for my reluctance to implement a hard dependency on network.target, it's born by the fact that it would force a network connection regardless of whether the admin or user wants one. It feels wrong to have this behavior by default.

I'll make the changes you suggested to the PKGBUILDs. Thank you for spotting them.

willemw commented on 2014-06-17 11:43

@Gilrain:
The documentation ("Requisite") says the service will fail and there is no mention of 'retry'.

Minor suggestion: make use of 'provides'. Other pgl packages (pgl-git, pgl-cli) could define provides=('pgl') and then remove pgl-git and pgl-cli from the 'conflicts' lists.

willemw commented on 2014-06-17 11:33

@Gilrain:
OK if it works as you expect it to work (like anacron), but the documentation ("Requisite") says the service will fail and there is no mention of 'retry'.

Minor suggestion: make use of 'provides'. Other pgl packages (pgl-git, pgl-cli) could define provides=('pgl') and then remove pgl-git and pgl-cli from the 'conflicts' lists.

Gilrain commented on 2014-06-16 14:44

> Say I reboot once everyday and at reboot pgl-update starts before the network is ready, then pgl will never get updated.

Adding an After=network.target will take care of that case. Even without it the timer should not permanently fail and start the service again in 24 hours (from what I understand of systemd).

All comments