- A+
下面是一键封脚本
wget -4qO- onekey.sh/Get_Out_Spam|bash
#!/bin/bash
#########################################################################
# File Name: Get_Out_Spam.sh
# Author: LookBack
# Email: admin#dwhd.org
# Version:
# Created Time: 2015年09月15日 星期二 22时30分38秒
#########################################################################
smpt_port="25,26,465"
pop_port="109,110,995"
imap_port="143,218,220,993"
other_port="24,50,57,105,106,158,209,587,1109,24554,60177,60179"
key_word=(Subject HELO SMTP
"torrent" ".torrent" "peer_id=" "announce"
"info_hash" "get_peers" "find_node"
"BitTorrent" "announce_peer"
"BitTorrent protocol" "announce.php?passkey=")
v4iptables=`which iptables 2>/dev/null`
v6iptables=`which ip6tables 2>/dev/null`
cat_rules() {
$1 -t $2 -L OUTPUT -nvx --line-numbers
}
mangle_key_word() {
$1 -t mangle -A OUTPUT -m string --string "$2" --algo bm --to 65535 -j DROP
}
tcp_port_DROP() {
[ "$1" = "$v4iptables" ] && \
$1 -t filter -A OUTPUT -p tcp -m multiport --dports $2 -m state --state NEW,ESTABLISHED -j REJECT --reject-with icmp-port-unreachable || \
$1 -t filter -A OUTPUT -p tcp -m multiport --dports $2 -m state --state NEW,ESTABLISHED -j REJECT --reject-with tcp-reset
}
udp_port_drop() {
$1 -t filter -A OUTPUT -p udp -m multiport --dports $2 -j DROP
}
if [ -n "$v4iptables" -a -n "$v6iptables" ]; then
for i in ${key_word[@]}; do for j in $v4iptables $v6iptables; do mangle_key_word $j $i; done; done
for i in ${smpt_port} ${pop_port} ${imap_port} ${other_port}; do for j in $v4iptables $v6iptables; do tcp_port_DROP $j $i && udp_port_drop $j $i; done; done
clear && for i in $v4iptables $v6iptables; do for j in filter mangle; do cat_rules $i $j; done; done
elif [ -n "$v4iptables" ]; then
for i in ${key_word[@]}; do mangle_key_word $v4iptables $i;done
for i in ${smpt_port} ${pop_port} ${imap_port} ${other_port}; do tcp_port_DROP $v4iptables $i && udp_port_drop $v4iptables $i; done
clear && for i in filter mangle; do cat_rules $v4iptables $i;done
else
echo "Your system don't find iptables"
fi
下面是脚本执行后的结果
[root@li760-160 ~]# wget -4qO- onekey.sh/Get_Out_Spam|bash Chain OUTPUT (policy ACCEPT 1 packets, 104 bytes) num pkts bytes target prot opt in out source destination 1 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465 state NEW,ESTABLISHED reject-with icmp-port-unreachable 2 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465 3 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with icmp-port-unreachable 4 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995 5 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with icmp-port-unreachable 6 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993 7 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with icmp-port-unreachable 8 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 Chain OUTPUT (policy ACCEPT 5 packets, 2008 bytes) num pkts bytes target prot opt in out source destination 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "Subject" ALGO name bm TO 65535 2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "HELO" ALGO name bm TO 65535 3 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "SMTP" ALGO name bm TO 65535 4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "torrent" ALGO name bm TO 65535 5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match ".torrent" ALGO name bm TO 65535 6 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "peer_id=" ALGO name bm TO 65535 7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce" ALGO name bm TO 65535 8 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "info_hash" ALGO name bm TO 65535 9 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "get_peers" ALGO name bm TO 65535 10 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "find_node" ALGO name bm TO 65535 11 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535 12 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce_peer" ALGO name bm TO 65535 13 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535 14 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "protocol" ALGO name bm TO 65535 15 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535 Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 25,26,465 state NEW,ESTABLISHED reject-with tcp-reset 2 0 0 DROP udp * * ::/0 ::/0 multiport dports 25,26,465 3 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with tcp-reset 4 0 0 DROP udp * * ::/0 ::/0 multiport dports 109,110,995 5 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with tcp-reset 6 0 0 DROP udp * * ::/0 ::/0 multiport dports 143,218,220,993 7 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with tcp-reset 8 0 0 DROP udp * * ::/0 ::/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 DROP all * * ::/0 ::/0 STRING match "Subject" ALGO name bm TO 65535 2 0 0 DROP all * * ::/0 ::/0 STRING match "HELO" ALGO name bm TO 65535 3 0 0 DROP all * * ::/0 ::/0 STRING match "SMTP" ALGO name bm TO 65535 4 0 0 DROP all * * ::/0 ::/0 STRING match "torrent" ALGO name bm TO 65535 5 0 0 DROP all * * ::/0 ::/0 STRING match ".torrent" ALGO name bm TO 65535 6 0 0 DROP all * * ::/0 ::/0 STRING match "peer_id=" ALGO name bm TO 65535 7 0 0 DROP all * * ::/0 ::/0 STRING match "announce" ALGO name bm TO 65535 8 0 0 DROP all * * ::/0 ::/0 STRING match "info_hash" ALGO name bm TO 65535 9 0 0 DROP all * * ::/0 ::/0 STRING match "get_peers" ALGO name bm TO 65535 10 0 0 DROP all * * ::/0 ::/0 STRING match "find_node" ALGO name bm TO 65535 11 0 0 DROP all * * ::/0 ::/0 STRING match "BitTorrent" ALGO name bm TO 65535 12 0 0 DROP all * * ::/0 ::/0 STRING match "announce_peer" ALGO name bm TO 65535 13 0 0 DROP all * * ::/0 ::/0 STRING match "BitTorrent" ALGO name bm TO 65535 14 0 0 DROP all * * ::/0 ::/0 STRING match "protocol" ALGO name bm TO 65535 15 0 0 DROP all * * ::/0 ::/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535 [root@li760-160 ~]#
1
文件下载
2015年9月15日 下午10:22 沙发
我的ss之前只是小范围分享 上次已经关闭了
2015年9月15日 下午10:40 1层
@追梦 你是明智的