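KDE wrote: 10 minutes ago
A friend gave me some zongzi, I gave the friend a stepladder, and then the friend got a warning for downloading movies
This post was last edited by KDE on 2021-6-13 03:05
So I block everything with iptables and then allow specific ports. Could the experts check whether this is the right way to do it?
I put it in /etc/rc.local so it runs at boot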
——————
iptables -F  # flush all rules
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p udp --dport 8888 -j ACCEPT  # forward wgcf
iptables -A INPUT -p udp --dport 2408 -j ACCEPT
iptables -A INPUT -p udp --dport 4000 -j ACCEPT
iptables -A INPUT -p udp --dport 5000 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 853 -j ACCEPT
# Forward wgcf
iptables -t nat -A PREROUTING -p udp --dport 8888 -j DNAT --to-destination 162.159.192.1:2408
iptables -t nat -A POSTROUTING -d 162.159.192.1 -p udp --dport 2408 -j MASQUERADE
# Keyword blocking
iptables -A OUTPUT -m string --string "torrent" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string ".torrent" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "peer_id=" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "announce" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "info_hash" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "get_peers" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "find_node" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "BitTorrent" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "announce_peer" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "BitTorrent protocol" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "announce.php?passkey=" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "magnet:" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "xunlei" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "sandai" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "Thunder" --algo bm --to 65535 -j DROP
iptables -A OUTPUT -m string --string "XLLiveUD" --algo bm --to 65535 -j DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
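Added example, not part of KDE's post: a small shell linter for a rule script like the one above. It checks for pasted typographic dashes and for three consequences of netfilter's hook order (DNAT in PREROUTING happens before routing, so redirected packets traverse FORWARD and never reach INPUT). The function names, the finding codes E1/W1/W2/W3 and the sample input are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Finding codes (E1, W1, W2, W3) are labels made up for this example.

# Constructed sample: a subset of the posted rules with ASCII "--" options.
sample_rules() {
cat <<'EOF'
iptables -F
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp --dport 8888 -j ACCEPT
iptables -t nat -A PREROUTING -p udp --dport 8888 -j DNAT --to-destination 162.159.192.1:2408
iptables -t nat -A POSTROUTING -d 162.159.192.1 -p udp --dport 2408 -j MASQUERADE
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Reads an iptables rule script on stdin and prints one line per finding.
lint_rules() {
    active=$(sed 's/#.*//')            # drop shell comments before matching
    has() { printf '%s\n' "$active" | grep -Eq -- "$1"; }
    endash=$(printf '\342\200\223')    # UTF-8 bytes of the en dash
    if printf '%s\n' "$active" | grep -qF -- "$endash"; then
        echo "E1 en dash instead of ASCII '--' in an option"
    fi
    # DNAT-ed packets are routed through FORWARD, not INPUT.
    if has '-j DNAT' && has '-P FORWARD DROP' && ! has '-A FORWARD .*-j ACCEPT'; then
        echo "W1 DNAT traffic is dropped: FORWARD policy DROP, no FORWARD ACCEPT rule"
    fi
    # "iptables -F" without -t flushes only the filter table.
    if has '^iptables -F' && has '-t nat -A' && ! has '-t nat -F'; then
        echo "W2 nat table is never flushed: re-running the script duplicates nat rules"
    fi
    # PREROUTING rewrites the destination before INPUT is consulted.
    printf '%s\n' "$active" | grep -- '-j DNAT' |
    sed -n 's/.*--dport \([0-9][0-9]*\).*/\1/p' | while read -r port; do
        if has "-A INPUT .*--dport $port "; then
            echo "W3 INPUT rule for port $port never matches: DNAT rewrites it first"
        fi
    done
}

sample_rules | lint_rules
```

Forwarding through the DNAT rule also depends on `net.ipv4.ip_forward=1`, which a rule-file check like this cannot see.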
fxsnow wrote: 6 minutes ago
I hope the moderator locks you in the ban room
tegihov430 wrote: 5 minutes ago
How about just telling him this URL instead
jable.tv
KDE wrote: 3 minutes ago
fxsnow wrote: 2021-6-13 03:04
I hope the moderator locks you in the ban room
Already changed it to "stepladder"