zoukankan      html  css  js  c++  java

  • pf 封QQ

    改进版。
    nslookup 出QQ的230多个Ip地址,然后封锁 4000,8000, 80,443端口。

    引用:
    #定义所有要封锁的QQ服务器ip,以逗号分隔
    QQServerIPs = "{121.14.74.138, 121.14.74.245, 121.14.74.246, 121.14.74.247, 121.14.75.50, 121.14.75.51, 121.14.75.57, \
    121.14.75.58, 121.14.75.59, 121.14.75.60, 121.14.75.61, 121.14.75.62, 121.14.75.63, 121.14.75.64, \
    121.14.77.105, 121.14.77.106, 121.14.77.107, 219.133.38.135, 219.133.38.136, 219.133.38.230, 219.133.40.130, \
    219.133.40.138, 219.133.40.179, 219.133.40.189, 219.133.40.37, 219.133.48.101, 219.133.48.102, 219.133.48.103, \
    219.133.48.104, 219.133.48.105, 219.133.48.106, 219.133.48.107, 219.133.48.108, 219.133.48.109, 219.133.48.52, \
    219.133.48.53, 219.133.48.56, 219.133.48.57, 219.133.48.61, 219.133.48.62, 219.133.48.70, 219.133.48.72, \
    219.133.48.74, 219.133.48.75, 219.133.48.87, 219.133.48.88, 219.133.48.90, 219.133.48.91, 219.133.48.96, \
    219.133.48.97, 219.133.48.98, 219.133.48.99, 219.133.49.124, 219.133.49.125, 219.133.49.163, \
    219.133.49.164, 219.133.49.167, 219.133.49.168, 219.133.49.169, 219.133.49.170, 219.133.49.171, 219.133.49.172, \
    219.133.49.173, 219.133.49.195, 219.133.49.196, 219.133.49.198, 219.133.49.199, 219.133.49.200, 219.133.49.206, \
    219.133.49.211, 219.133.49.215, 219.133.49.216, 219.133.51.93, 219.133.60.148, 219.133.60.149, 219.133.60.15, \
    219.133.60.153, 219.133.60.16, 219.133.60.172, 219.133.60.173, 219.133.60.174, 219.133.60.18, 219.133.60.19, \
    219.133.60.20, 219.133.60.206, 219.133.60.21, 219.133.60.22, 219.133.60.23, 219.133.60.24, 219.133.60.246, \
    219.133.60.25, 219.133.60.250, 219.133.60.26, 219.133.60.27, 219.133.60.30, 219.133.60.32, 219.133.60.33, \
    219.133.60.34, 219.133.60.35, 219.133.60.36, 219.133.60.37, 219.133.60.38, 219.133.60.39, 219.133.60.71, \
    219.133.60.72, 219.133.60.74, 219.133.60.75, 219.133.62.10, 219.133.62.179, 219.133.62.2, 219.133.62.3, \
    219.133.62.4, 219.133.62.8, 219.133.62.9, 219.133.63.15, 219.133.63.53, 219.133.63.54, 58.251.60.44, \
    58.251.60.46, 58.251.60.51, 58.251.60.53, 58.251.62.14, 58.251.62.15, 58.251.62.17, 58.251.62.25, \
    58.251.62.26, 58.251.62.31, 58.251.62.35, 58.251.62.37, 58.251.62.38, 58.251.62.40, 58.251.63.56, \
    58.251.63.57, 58.251.63.58, 58.251.63.60, 58.251.63.61, 58.251.63.62, 58.251.63.64, 58.251.63.65, \
    58.251.63.66, 58.251.63.68, 58.251.63.69, 58.251.63.71, 58.251.63.72, 58.251.63.74, 58.251.63.75, \
    58.251.63.76, 58.251.63.78, 58.251.63.79, 58.60.14.101, 58.60.14.102, 58.60.14.103, 58.60.14.104, \
    58.60.14.106, 58.60.14.107, 58.60.14.108, 58.60.14.109, 58.60.14.110, 58.60.14.111, 58.60.14.113, \
    58.60.14.114, 58.60.14.115, 58.60.14.180, 58.60.14.191, 58.60.14.192, 58.60.14.193, 58.60.14.194, \
    58.60.14.195, 58.60.14.199, 58.60.14.201, 58.60.14.202, 58.60.14.32, 58.60.14.33, 58.60.14.34, \
    58.60.14.35, 58.60.14.37, 58.60.14.38, 58.60.14.39, 58.60.14.40, 58.60.14.41, 58.60.14.42, \
    58.60.14.43, 58.60.14.44, 58.60.14.45, 58.60.14.46, 58.60.14.47, 58.60.14.48, 58.60.14.49, \
    58.60.14.50, 58.60.14.51, 58.60.14.52, 58.60.14.53, 58.60.14.96, 58.60.14.97, 58.60.15.104, \
    58.60.15.31, 58.60.15.33, 58.60.15.34, 58.60.15.35, 58.60.15.36, 58.60.15.38, 58.60.15.39, \
    58.60.15.41, 58.60.15.96, 58.60.15.97, 58.60.15.98, 58.60.9.66, 58.61.165.205, 58.61.32.39, \
    58.61.32.40, 58.61.32.59, 58.61.33.120, 58.61.33.121, 58.61.34.20, 58.61.34.21, 58.61.34.24, \
    58.61.34.25, 58.61.34.26, 58.61.34.51}"

    #定义QQ连接协议类型。目前是udp优先,udp不通的话再尝试tcp
    QQServerProto = "{udp,tcp}"
    #定义QQ服务器端口。
    QQServerPorts = "{4000,8000}"
    #如果8000端口不通,QQ会尝试用web端口80和ssl端口443访问。
    QQServerwebPorts = "{80,443}"
    #定义要被封锁的内网ip段。以逗号分割。
    QQDenyClients = "{192.168.2.0/24}"

    #禁止要被封锁的内网ip段 $QQDenyClients 客户端连接任何服务器的QQServerPorts (4000,8000)端口
    block quick inet proto $QQServerProto from $QQDenyClients to any port $QQServerPorts
    block quick inet proto $QQServerProto from $QQDenyClients port $QQServerPorts to any

    #禁止要被封锁的内网ip段 $QQDenyClients 客户端连接$QQServerIPs QQ服务器的$QQServerwebPorts (80,443)端口
    block quick inet proto $QQServerProto from $QQDenyClients to $QQServerIPs port $QQServerwebPorts
    block quick inet proto $QQServerProto from $QQServerIPs port $QQServerwebPorts to $QQDenyClients

    #禁止$QQServerIPs QQ服务器 连接 要被封锁的内网ip段 $QQDenyClients
    block quick inet proto $QQServerProto from $QQServerIPs to $QQDenyClients
    block quick inet proto $QQServerProto from $QQDenyClients to $QQServerIPs


    自动列出qq 服务器ip的脚本:
    引用:
    cat /root/getqqip.sh
    #!/bin/sh
    #

    nslookup sz.tencent.com | grep -v \#53 | grep -i address > /root/qqip.txt
    nslookup sz.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz7.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz7.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz8.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz8.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz9.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup sz9.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
    nslookup tcpconn6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt

    cat /root/qqip.txt | sort | uniq -c
  • 相关阅读:
    http协议中的状态码(status code),超文本传输协议状态码
    web前端逻辑计算,血的教训
    js 关于字符串转数字及数字保留位数的控制
    js,setTimeout与setInterval的用法
    javaScript 字符串与unicode码之间的相互转换,函数的封装
    基于jquery,ajax请求及自我终止的函数封装。
    进入博客园后的第一篇文章
    答:SQLServer DBA 三十问之六:Job信息我们可以通过哪些表获取;系统正在运行的语句可以通过哪些视图获取;如何获取某个T-SQL语句的IO、Time等信息;
    答:SQLServer DBA 三十问之五:有关视图索引
    答:SQLServer DBA 三十问之三:有哪些操作会使用到TempDB;如果TempDB异常变大,可能的原因是什么,该如何处理
  • 原文地址:https://www.cnblogs.com/studio313/p/1109624.html
Copyright © 2011-2022 走看看