Frequently Asked Questions

How do I whitelist IP addresses ?
Create a p2p list in /var/cache/iplist/ and add the file to ALLOW_LIST in /etc/ipblock.conf. Before editing the configuration file the GUI needs to be closed. A sample p2p list:

localhost : -

How do I build the latest version from svn ?
The following packages are required to build a deb package (Ubuntu, Debian): g++, libnetfilter-queue-dev, zlib1g-dev, libpcre3-dev, fakeroot, debhelper.

git clone git://
cd iplist && make deb

Where can I get a description of the various lists ?
Checkout the bluetack blocklist FAQ. The rest are country specific lists.

The GUI doesn't seem to start/work
Try to change the jre to sun's VM version 1.6 with

sudo aptitude install sun-java6-jre
sudo update-alternatives --config java
The GUI logfile /tmp/ipblockUI.log might contain some useful error messages.

Does IPblock work with other firewall applications ?
Yes. But IPblock needs to be started after other firewall applications.

Some applications cannot connect to the internet.
You could try whitelisting IPs or ports. HTTP and other common ports can be set in the Settings tab.

IPblock freezes (Ubuntu Hardy)
gcj conflicts with sun's java and can cause such behavior. In order to fix it I would remove every package that contains *gcj* (especially gcj-4.1, gcj-4.2, java-gcj-compat). Most packages that need gcj depend on a metapackage java2-runtime which is provided by sun-java[5-6]-jre, so it shouldn't remove any wanted packages.

IPblock and 100% CPU use (Ubuntu Intrepid)
This bug seems to be related to CacaoVM. Using sun's VM should fix it:

sudo aptitude install sun-java6-jre
sudo update-alternatives --config java

Loading lists takes very long.
Try to convert the lists to IPL format with (as root)

ipblock -c
Due to the binary format it will take less time to start iplist.

What does blocking connections mean ?
In this case blocking means to reject outgoing or forwarded connections with tcp-reset or icmp-port-unreachable. Packets of incoming connections are dropped.

Why do I get the message "error: update of list failed" ?
This is normal. Sometimes the update server is temporary down or under heavy load. Just try again later.

Can I use IPblock on the command-line and the GUI ?
Yes. The GUI can detect if IPblock is already running. GUI does not stop blocking if you close it.

I get an error message and/or it doesn't seem to work. Why ?
Open a thread in the help forum and post /tmp/ipblockUI.log and the output of

egrep "iplist|ipblock" /var/log/syslog
If it's a problem related to starting IPblock the output of
DEBUG=1 sudo ipblock -sl
would be useful, too.

How do I exclude a port range ?
The syntax for port ranges is e.g. 5000:5100 .

Why not use the build-in blocklist feature of my P2P application ?
P2P applications only block connections relevant to their process (transport layer). However IPblock uses the operating system's firewall interface (network layer) which has the advantage that all connections regardless of the protocoll, host, process and content are filtered. Furthermore users of IPblock are in "stealth mode" which prevents blocked hosts to determine wheter they are online or not. Other features are: wide range of lists, auto-update, whitelists, multi-threaded design, higly customizable, ...