搞五搞七博客

新浪微薄腾讯微薄

最新碎语:站内文章,均为转载,无原创。

您的位置:搞五搞七博客 >linux知识> Linux中利用 iptables 封垃圾邮件(SPAM)和BT(磁力链接)、PT

Linux中利用 iptables 封垃圾邮件(SPAM)和BT(磁力链接)、PT

一些人做Shadowsocks账号分享害怕用户发垃圾邮件(SPAM)和BT、PT导致VPS被IDC封杀。

再加上最近写了两篇 VPS下载BT(磁力链接)的教程,那就正好来一个 能够封垃圾邮件(SPAM)和BT(磁力链接)、PT的脚本(转载)。


一键脚本

  1. wget -4qO- onekey.sh/Get_Out_Spam|bash

很简单,只要在VPS上面运行这个命令,就会自动添加iptables规则。

注意:既然是iptables防火墙规则,那VPS肯定是要安装iptables的,不过一般都安装的有,除了坑爹的CentOS7需要关闭自带的防火墙安装iptables。
注意:本脚本非常的暴力,直接封杀了所有的邮件端口,同时过滤任何包含BT(磁力链接)字眼的网站和链接!

脚本执行后的提示:

  1. [root@li760-160 ~]# wget -4qO- onekey.sh/Get_Out_Spam|bash
  2. Chain OUTPUT (policy ACCEPT 1 packets, 104 bytes)
  3. num pkts bytes target prot opt in out source destination
  4. 1 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465 state NEW,ESTABLISHED reject-with icmp-port-unreachable
  5. 2 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465
  6. 3 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with icmp-port-unreachable
  7. 4 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995
  8. 5 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with icmp-port-unreachable
  9. 6 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993
  10. 7 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with icmp-port-unreachable
  11. 8 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179
  12. Chain OUTPUT (policy ACCEPT 5 packets, 2008 bytes)
  13. num pkts bytes target prot opt in out source destination
  14. 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "Subject" ALGO name bm TO 65535
  15. 2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "HELO" ALGO name bm TO 65535
  16. 3 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "SMTP" ALGO name bm TO 65535
  17. 4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "torrent" ALGO name bm TO 65535
  18. 5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match ".torrent" ALGO name bm TO 65535
  19. 6 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "peer_id=" ALGO name bm TO 65535
  20. 7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce" ALGO name bm TO 65535
  21. 8 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "info_hash" ALGO name bm TO 65535
  22. 9 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "get_peers" ALGO name bm TO 65535
  23. 10 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "find_node" ALGO name bm TO 65535
  24. 11 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
  25. 12 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce_peer" ALGO name bm TO 65535
  26. 13 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
  27. 14 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "protocol" ALGO name bm TO 65535
  28. 15 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535
  29. Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
  30. num pkts bytes target prot opt in out source destination
  31. 1 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 25,26,465 state NEW,ESTABLISHED reject-with tcp-reset
  32. 2 0 0 DROP udp * * ::/0 ::/0 multiport dports 25,26,465
  33. 3 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with tcp-reset
  34. 4 0 0 DROP udp * * ::/0 ::/0 multiport dports 109,110,995
  35. 5 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with tcp-reset
  36. 6 0 0 DROP udp * * ::/0 ::/0 multiport dports 143,218,220,993
  37. 7 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with tcp-reset
  38. 8 0 0 DROP udp * * ::/0 ::/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179
  39. Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
  40. num pkts bytes target prot opt in out source destination
  41. 1 0 0 DROP all * * ::/0 ::/0 STRING match "Subject" ALGO name bm TO 65535
  42. 2 0 0 DROP all * * ::/0 ::/0 STRING match "HELO" ALGO name bm TO 65535
  43. 3 0 0 DROP all * * ::/0 ::/0 STRING match "SMTP" ALGO name bm TO 65535
  44. 4 0 0 DROP all * * ::/0 ::/0 STRING match "torrent" ALGO name bm TO 65535
  45. 5 0 0 DROP all * * ::/0 ::/0 STRING match ".torrent" ALGO name bm TO 65535
  46. 6 0 0 DROP all * * ::/0 ::/0 STRING match "peer_id=" ALGO name bm TO 65535
  47. 7 0 0 DROP all * * ::/0 ::/0 STRING match "announce" ALGO name bm TO 65535
  48. 8 0 0 DROP all * * ::/0 ::/0 STRING match "info_hash" ALGO name bm TO 65535
  49. 9 0 0 DROP all * * ::/0 ::/0 STRING match "get_peers" ALGO name bm TO 65535
  50. 10 0 0 DROP all * * ::/0 ::/0 STRING match "find_node" ALGO name bm TO 65535
  51. 11 0 0 DROP all * * ::/0 ::/0 STRING match "BitTorrent" ALGO name bm TO 65535
  52. 12 0 0 DROP all * * ::/0 ::/0 STRING match "announce_peer" ALGO name bm TO 65535
  53. 13 0 0 DROP all * * ::/0 ::/0 STRING match "BitTorrent" ALGO name bm TO 65535
  54. 14 0 0 DROP all * * ::/0 ::/0 STRING match "protocol" ALGO name bm TO 65535
  55. 15 0 0 DROP all * * ::/0 ::/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535

本文章和脚本转载自:https://www.dwhd.org/20150915_162703.html

---

转载请注明本文标题和链接:《Linux中利用 iptables 封垃圾邮件(SPAM)和BT(磁力链接)、PT

发表评论

路人甲 表情
Ctrl+Enter快速提交