我单位QQ玩疯了,如何封杀之
各位高手,能否指点小弟一二回复 1# 的帖子
panabit就行了,ros不能做好这工作 用3.0的Layer 7 protocol 我发过资料的,你们怎么不喜欢用论坛搜索功能? 就是zooyo同志不发资料,做为一个网管,也应该自己去核对tencent的服务器地址进行封Q啊。我这样做了,为什么还是封不了呀
/ ip firewall filteradd chain=forward src-address=10.5.6.7/32 action=accept comment="封QQ"
ad ch forward pr tcp dst-po 8000 act drop comment="封QQ"
ad ch forward pr udp dst-po 8000 act drop comment="封QQ"
add chain=forward dst-address=61.144.238.0/24 action=drop comment="封QQ"
add chain=forward dst-address=61.152.100.0/24 action=drop comment="封QQ"
add chain=forward dst-address=61.141.194.0/24 action=drop comment="封QQ"
add chain=forward dst-address=202.96.170.163/32 action=drop comment="封QQ"
add chain=forward dst-address=202.104.129.0/24 action=drop comment="封QQ"
add chain=forward dst-address=202.104.193.20/32 action=drop comment="封QQ"
add chain=forward dst-address=202.104.193.11/32 action=drop comment="封QQ"
add chain=forward dst-address=202.104.193.12/32 action=drop comment="封QQ"
add chain=forward dst-address=218.17.209.23/32 action=drop comment="封QQ"
add chain=forward dst-address=218.18.95.153/32 action=drop comment="封QQ"
add chain=forward dst-address=218.18.95.165/32 action=drop comment="封QQ"
add chain=forward dst-address=218.18.95.220/32 action=drop comment="封QQ"
add chain=forward dst-address=218.85.138.70/32 action=drop comment="封QQ"
add chain=forward dst-address=219.133.38.0/24 action=drop comment="封QQ"
add chain=forward dst-address=219.133.49.0/24 action=drop comment="封QQ"
add chain=forward dst-address=220.133.40.0/24 action=drop comment="封QQ"
add chain=forward content=sz.tencent.com action=reject comment="封QQ"
add chain=forward content=sz2.tencent.com action=reject comment="封QQ"
add chain=forward content=sz3.tencent.com action=reject comment="封QQ"
add chain=forward content=sz4.tencent.com action=reject comment="封QQ"
add chain=forward content=sz5.tencent.com action=reject comment="封QQ"
add chain=forward content=sz6.tencent.com action=reject comment="封QQ"
add chain=forward content=sz7.tencent.com action=reject comment="封QQ"
add chain=forward content=sz8.tencent.com action=reject comment="封QQ"
add chain=forward content=tcpconn.tencent.com action=reject comment="封QQ"
add chain=forward content=tcpconn2.tencent.com action=reject comment="封 QQ"
add chain=forward content=tcpconn3.tencent.com action=reject comment="封 QQ"
add chain=forward content=tcpconn4.tencent.com action=reject comment="封 QQ"
add chain=forward content=qq.com action=reject comment="封QQ"
add chain=forward content=www.qq.com action=reject comment="封QQ"
还有一事相求
问题在图片中 原帖由 zooyo 于 2007-10-31 00:41 发表 http://bbs.routerclub.com/images/common/back.gif我发过资料的,你们怎么不喜欢用论坛搜索功能?
zooyo兄,我用以下脚本(附后)就己经成功封了内网的QQgame,好像比你发的那个贴子(“成功封锁QQGame,不影响QQ聊天使用。”http://bbs.routerclub.com/thread-27666-1-1.html)简单一些。但是QQ却还是能上的。
我用的是这样的脚本
/ ip firewall filter
add chain=forward src-address=10.5.6.7/32 action=accept comment="封QQ"
ad ch forward pr tcp dst-po 8000 act drop comment="封QQ"
ad ch forward pr udp dst-po 8000 act drop comment="封QQ"
add chain=forward dst-address=61.144.238.0/24 action=drop comment="封QQ"
add chain=forward dst-address=61.152.100.0/24 action=drop comment="封QQ"
add chain=forward dst-address=61.141.194.0/24 action=drop comment="封QQ"
add chain=forward dst-address=202.96.170.163/32 action=drop comment="封QQ"
add chain=forward dst-address=202.104.129.0/24 action=drop comment="封QQ"
add chain=forward dst-address=202.104.193.20/32 action=drop comment="封QQ"
add chain=forward dst-address=202.104.193.11/32 action=drop comment="封QQ"
add chain=forward dst-address=202.104.193.12/32 action=drop comment="封QQ"
add chain=forward dst-address=218.17.209.23/32 action=drop comment="封QQ"
add chain=forward dst-address=218.18.95.153/32 action=drop comment="封QQ"
add chain=forward dst-address=218.18.95.165/32 action=drop comment="封QQ"
add chain=forward dst-address=218.18.95.220/32 action=drop comment="封QQ"
add chain=forward dst-address=218.85.138.70/32 action=drop comment="封QQ"
add chain=forward dst-address=219.133.38.0/24 action=drop comment="封QQ"
add chain=forward dst-address=219.133.49.0/24 action=drop comment="封QQ"
add chain=forward dst-address=220.133.40.0/24 action=drop comment="封QQ"
add chain=forward content=sz.tencent.com action=reject comment="封QQ"
add chain=forward content=sz2.tencent.com action=reject comment="封QQ"
add chain=forward content=sz3.tencent.com action=reject comment="封QQ"
add chain=forward content=sz4.tencent.com action=reject comment="封QQ"
add chain=forward content=sz5.tencent.com action=reject comment="封QQ"
add chain=forward content=sz6.tencent.com action=reject comment="封QQ"
add chain=forward content=sz7.tencent.com action=reject comment="封QQ"
add chain=forward content=sz8.tencent.com action=reject comment="封QQ"
add chain=forward content=tcpconn.tencent.com action=reject comment="封QQ"
add chain=forward content=tcpconn2.tencent.com action=reject comment="封 QQ"
add chain=forward content=tcpconn3.tencent.com action=reject comment="封 QQ"
add chain=forward content=tcpconn4.tencent.com action=reject comment="封 QQ"
add chain=forward content=qq.com action=reject comment="封QQ"
add chain=forward content=www.qq.com action=reject comment="封QQ"
不知第二行的“10.5.6.7/32”是否应该换成我们内网的网关“192.168.1.1”
回复 8# 的帖子
太复杂了啊,看panabit怎封:序号 方向 源地址->目的地址 协议 动作 IP限速 匹配后
1 下行 any->any 伪IE下载 p2p下载 100kb/s 停止 编辑 删除
2 下行 any->any HTTP分块传输 p2p下载 200kb/s 停止 编辑 删除
5 下行 any->any 传统协议 http 800kb/s 停止 编辑 删除
6 下行 any->any 迅雷 p2p下载 1kb/s 停止 编辑 删除
7 上行 any->any 迅雷 p2p上传 1kb/s 停止 编辑 删除
10 下行 any->any 网络电视 阻断 500kb/s 停止 编辑 删除
20 上行 any->any 网络电视 阻断 500kb/s 停止 编辑 删除
40 下行 any->any P2P下载 p2p下载 700kb/s 停止 编辑 删除
50 上行 any->any P2P下载 p2p上传 700kb/s 停止 编辑 删除
封QQ或者网络游戏方法类似 全部加入活动目录,用组策略集体删除 就OK啦!想封它不一定要在路由器做,我还有很多更简单办法。。
是东莞的可以打电话给我(13580878887)。。。
页:
[1]