pglgui                           draft                            2011-04-20


PeerGuardian Linux consists of three components:
- pgld: the IP block daemon itself. It checks internet traffic in the kernel
    user space based on huge blocklists with IP ranges. It then either ACCEPTs,
    DROPs or MARKs the packets.
- pglcmd: does several tasks around pgld:
    - It starts/stops the daemon.
    - It setups the netfilter iptables environment, that decides which traffic
        gets to pgld and what happens with MARKed packets.
    - It handles the blocklists.
    - pglcmd.wd is a watchdog that frequently checks whether the daemon is still
        running and some iptables rules exist. On fail it restarts pglcmd.
- pglgui: is the GUI (Graphical User Interface) on top of pgld and pglcmd.


Utilized software:
- C++
- Qt
- dbus


Assumptions (check on startup):
- pglcmd's default iptables setup is used
    else offer to change this and "pglcmd restart"
    else start in restricted mode


Design:

Main Window:
- Control Panel:
    - allows to use pglcmd direct commands like start, stop, update, status with
        a single click.
    - shows daemon status (pgld process is running) (red/green light) HOW?
- Log Panel:
    - shows log:
        on startup: show last lines from pgld.log
        gets directly notified by the daemon via dbus about blocked packets and
        other logged events.
    - allows whitelisting: right-click on blocked packets allow to
        - whitelist blocked IP permanently:
            entry to pglcmd's WHITE_IP_FWD, WHITE_IP_IN or WHITE_IP_OUT
            issue iptables command directly
        - whitelist blocked IP's port permanently:
            issue warning that this is a security risk, explain why
            entry to pglcmd's WHITE_[TCP|UDP]_[IN|OUT|FWD]
            issue iptables command directly
        - temporarily whitelist blocked IP, port or IP+port+protocol
          combination:
            issue iptables command directly
- Configure Panel:
    Allows to edit pglcmd's variables. Default values are in pglcmd.defaults.
    Other values are saved in pglcmd.conf.
    Offer to "pglcmd restart" to apply changes for iptables rules or pgld's
        options.
    "pglcmd reload" to apply changes for blocklists.
    - Main:
        The most important pglcmd variables (automatic start and blocklist
        update, ...)
    - Whitelisting
    - Logging
    - Paths
    - ...
    - pglgui specific settings, saved in ~/.config/pgl/pglgui.conf

Dockable to system tray
    different icons for whether pgld process is running
    blink on block (make configurable)

Some commands require root privileges. Gain them with policykit (currently
gksu/kdesudo)



---------- old mobloquer -----------------

Features:
* [TODO] View the IPs which pgl blocks in realtime as well as some information about
  each one.
* [TODO] Easily view whois information for each IP blocked.
* [TODO] Easily configure pgl to stop blocking an IP.
* Add/Remove/Enable/Disable blocklists and tweak their settings.
* Quickly tweak pgl's settings such as automatic startup, automatic updates etc.
* Whitelist specific ports.
* Whitelist IPs/hostnames.
* [TODO] Remove entries from the blocklists.
* View the state of pgld.
* [TODO] View some information about moblock such as the number of the loaded ranges, the last time the blocklists were updated etc.
* [TODO] View the log produced by pglcmd in real time.
* [TODO] View the current iptables rules to determine if pgl is working.
* Start/Restart/Stop/Reload/Update pgl with just one click.

Dependencies:
* libc-dev/libc6-dev
* g++
* make
* libqt4-core (>=4.3.0)
* libqt4-gui (>=4.3.0)
* libqt4-dev (>=4.3.0)
* pgld and pglcmd

See "install" for installation instructions.

Common problems:
* If pglgui stops working properly, the first thing you should try to do is
  delete its configuration file.
  Just run "rm ~/.config/pgl/pglgui.conf" in a terminal to do so.
* Launch pglgui with the argument --tray if you want it to start minimized in
  the tray.