adsl代理服务器设置！封杀QQ，ftp等

cckj
1^# 大中小发表于 2007-4-27 11:16 只看该作者
adsl代理服务器设置！封杀QQ，ftp等

复制内容到剪贴板
代码:

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/modprobe ip_tables

/sbin/modprobe iptables_filter

/sbin/modprobe iptables_nat

/sbin/modprobe iptable_nat

/sbin/modprobe ip_conntrack

/sbin/modprobe ip_conntrack_ftp

/sbin/modprobe ip_nat_ftp

iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.6.0/24 -j MASQUERADE

iptables -t nat -A PREROUTING -i eth0 -p tcp -s 192.168.6.0/24 --dport 80 -j REDIRECT --to-port 4448

iptables -A FORWARD -i eth0 -p udp --dport 8000 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 4000 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -P tcp --dport 8000 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 21 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 5190 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 1863 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 5190 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 1863 -j DROP

iptables -A FORWARD -S 192.168.6.0/24 -p udp --dport 6346 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 554 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 1720 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 6346 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 7070 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 554 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 8080 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 6667 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 6667 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 4662 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 4662 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 4661 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 4661 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p tcp --dport 4665 -j DROP

iptables -A FORWARD -s 192.168.6.0/24 -p udp --dport 4665 -j DROP

iptables -t nat -A POSTROUTING -p udp --dport 8000 -j MASQUERADE

iptables -A FORWARD -p udp --dport 8000 -j DROP

iptables -A FORWARD -d tcpconn.tencent.com -j DROP

iptables -A FORWARD -d tcpconn2.tencent.com -j DROP

iptables -A FORWARD -d tcpconn3.tencent.com -j DROP

iptables -A FORWARD -d tcpconn4.tencent.com -j DROP

iptables -A FORWARD -d 218.17.209.23 -j DROP

iptables -A FORWARD -d 218.18.95.153 -j DROP

iptables -A FORWARD -d tcpconn.tencent.com -j DROP

iptables -A FORWARD -d tcpconn2.tencent.com -j DROP

iptables -A FORWARD -d tcpconn3.tencent.com -j DROP

iptables -A FORWARD -d tcpconn4.tencent.com -j DROP

iptables -A FORWARD -d 218.17.209.23 -j DROP

iptables -A FORWARD -d 218.18.95.153 -j DROP

iptables -A FORWARD -d 218.18.95.135 -j DROP

iptables -A FORWARD -d 218.18.95.135 -j DROP

iptables -A FORWARD -i eth0 -p tcp --dport 6881:6890 -j DROP

route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.6.253

route add -net 202.39.27.0 netmask 255.255.255.0 gw 192.168.6.209

iptables -A FORWARD -p udp --dport 8080 -j DROP

iptables -A FORWARD -p tcp --dport 8080 -j DROP

iptables -A FORWARD -p udp --dport 1080 -j DROP

iptables -A FORWARD -p tcp --dport 1080 -j DROP

iptables -A FORWARD -p tcp --dport 8000 -j DROP

iptables -A FORWARD -p udp --dport 8000 -j DROP

iptables -A FORWARD -d tcpconn.tencent.com -j DROP

iptables -A FORWARD -d tcpconn2.tencent.com -j DROP

iptables -A FORWARD -d tcpconn3.tencent.com -j DROP

iptables -A FORWARD -d tcpconn4.tencent.com -j DROP

iptables -A FORWARD -d http.tencent.com -j DROP

iptables -A FORWARD -d http2.tencent.com -j DROP

iptables -A FORWARD -d 61.144.238.145 -j DROP

iptables -A FORWARD -d 61.144.238.146 -j DROP

iptables -A FORWARD -d 61.144.238.156 -j DROP

iptables -A FORWARD -d 61.144.238.150 -j DROP

iptables -A FORWARD -d 202.104.129.251 -j DROP

iptables -A FORWARD -d 202.104.129.254 -j DROP

iptables -A FORWARD -d 202.104.129.252 -j DROP

iptables -A FORWARD -d 202.104.129.253 -j DROP

iptables -A FORWARD -d 61.141.194.203 -j DROP

iptables -A FORWARD -d 202.96.170.166 -j DROP

iptables -A FORWARD -d 218.18.95.221 -j DROP

iptables -A FORWARD -d 219.133.45.15 -j DROP

iptables -A FORWARD -d 61.141.194.200 -j DROP

iptables -A FORWARD -d 61.141.194.224 -j DROP

iptables -A FORWARD -d 202.96.170.164 -j DROP

iptables -A FORWARD -d 202.96.170.163 -j DROP

iptables -A FORWARD -d 219.133.40.216 -j DROP

iptables -A FORWARD -d 218.18.95.209 -j DROP

iptables -A FORWARD -d 61.141.194.227 -j DROP

iptables -A FORWARD -d 218.18.95.171 -j DROP

iptables -A FORWARD -d 218.18.95.221 -j DROP

iptables -A FORWARD -d 219.133.38.31 -j DROP

iptables -A FORWARD -d 218.18.95.165 -j DROP

iptables -A FORWARD -d 202.96.170.188 -j DROP

iptables -A FORWARD -d 202.104.129.246 -j DROP

iptables -A FORWARD -d 61.144.238.137 -j DROP

iptables -A FORWARD -d 202.96.170.175 -j DROP

iptables -A FORWARD -d 202.103.190.61 -j DROP

iptables -A FORWARD -d 202.103.149.40 -j DROP

iptables -A FORWARD -d 218.18.95.140 -j DROP

iptables -A FORWARD -d 218.18.95.153 -j DROP

iptables -A FORWARD -d 61.135.131.240 -j DROP

iptables -A FORWARD -d 216.239.33.99 -j DROP

iptables -A FORWARD -d 218.17.209.23 -j DROP

iptables -A FORWARD -d 202.104.129.251 -j DROP

iptables -A FORWARD -i eth0 -p udp --dport 8000 -j DROP

iptables -A FORWARD -d 219.133.40.177 -j DROP

iptables -A FORWARD -d tcpconn.tencent.com -j DROP

iptables -A FORWARD -d 219.133.40.244 -j DROP

iptables -A FORWARD -d domianss2.com -j DROP

iptables -A FORWARD -d blogs.jrealm.net -j DROP

iptables -A INPUT -d pop3.21cn.com -j DROP

iptables -A INPUT -d smtp.21cn.com -j DROP

iptables -A INPUT -d pop.21cn.com -j DROP

iptables -A INPUT -d pop3.163.com -j DROP

iptables -A INPUT -d smtp.163.com -j DROP

iptables -A INPUT -d pop.163.com -j DROP

iptables -A INPUT -d 219.133.40.0/24 -j DROP
本文由cckj 发布于Linuxsky 论坛，网址:http://bbs.linuxsky.org/thread-5708-1-1.html
搜索更多相关主题的帖子: iptables 代理服务器 ftp sbin modprobe
TOP
‹‹ 上一主题 | 下一主题 ››