
Using iptables on Linux to Block Spam (SPAM), BT (Magnet Links) and PT

Shadowsocks | Toyo | 9 comments
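This article was last updated on 2017-01-09 22:35 and may no longer work because it has not been updated. If it has stopped working or needs correcting, please leave a comment!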

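Some people who share Shadowsocks accounts worry that users will send spam (SPAM) or use BT and PT, which gets the VPS banned by the IDC.

On top of that, I recently wrote two tutorials on downloading BT (magnet links) on a VPS, so this is a good moment for a script (reposted) that blocks spam (SPAM), BT (magnet links) and PT.

Other iptables tutorial: Using the iptables string module on Linux to block wildcard domains (string matching)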


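Preface

Whether you download BT (magnet links) directly on the VPS or route a local client such as Xunlei through a VPN or Shadowsocks proxy, what a BT honeypot records is the IP of your VPS.

The copyright company then uses the recorded VPS IP to contact the corresponding IDC and submits a legal letter stating that this IP downloaded pirated files and infringed copyright, so the IDC pays the infringement fee. Some IDCs forward the legal letter to you and then suspend the VPS, but most simply suspend the VPS without a word.

Because the IDC has already paid the infringement fee, it generally will not lift the suspension unless you pay that money, and that is a worse deal than buying another VPS.

So on a VPS that runs a Shadowsocks proxy, be sure to use this script as a precaution and avoid getting burned.

One-click script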

wget -4qO- softs.pw/Bash/Get_Out_Spam.sh|bash

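It is simple: run this command on the VPS and the iptables rules are added automatically.

Note: since these are iptables firewall rules, iptables has to be installed on the VPS. It usually already is, except on the annoying CentOS 7, where you need to disable the built-in firewall and install iptables.
Note: this script is very heavy-handed. It blocks all mail ports outright and also filters any website or link that contains BT (magnet link) keywords!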
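To show what "heavy-handed" means in practice, the added example below (not part of the original script) runs the keywords from the STRING rules in the output listing further down over a few constructed outbound payloads. Ordinary web requests that merely contain a word such as protocol or announce are dropped along with tracker traffic; the function names and sample requests are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example. Keywords are copied from the STRING rules in the listing;
# the payloads are constructed samples, not captured traffic.
KEYWORDS='Subject
HELO
SMTP
torrent
.torrent
peer_id=
announce
info_hash
get_peers
find_node
BitTorrent
announce_peer
protocol
announce.php?passkey='

# Print the first keyword contained in payload $1 (nothing if none). Like the
# string match without --icase, this is a case-sensitive substring test.
first_hit() {
    printf '%s\n' "$KEYWORDS" | while IFS= read -r kw; do
        case $1 in *"$kw"*) printf '%s\n' "$kw"; break ;; esac
    done
}

# DROP if any keyword occurs in the payload, otherwise ACCEPT.
verdict() {
    if [ -n "$(first_hit "$1")" ]; then echo DROP; else echo ACCEPT; fi
}

# Constructed payloads: one tracker request, three ordinary web requests
# that happen to contain a keyword, and one request that contains none.
report() {
    for p in \
        'GET /announce?info_hash=%12%34&peer_id=-XX0001- HTTP/1.1' \
        'GET /docs/protocol-buffers.html HTTP/1.1' \
        'GET /news/announcements HTTP/1.1' \
        'POST /contact Subject=Invoice' \
        'GET /index.html HTTP/1.1'
    do
        printf '%-6s %-10s %s\n' "$(verdict "$p")" "$(first_hit "$p")" "$p"
    done
}
report
```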

Output after the script runs:

[root@li760-160 ~]# wget -4qO- onekey.sh/Get_Out_Spam|bash
Chain OUTPUT (policy ACCEPT 1 packets, 104 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465 state NEW,ESTABLISHED reject-with icmp-port-unreachable
2 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465
3 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with icmp-port-unreachable
4 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995
5 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with icmp-port-unreachable
6 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993
7 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with icmp-port-unreachable
8 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179
Chain OUTPUT (policy ACCEPT 5 packets, 2008 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "Subject" ALGO name bm TO 65535
2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "HELO" ALGO name bm TO 65535
3 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "SMTP" ALGO name bm TO 65535
4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "torrent" ALGO name bm TO 65535
5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match ".torrent" ALGO name bm TO 65535
6 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "peer_id=" ALGO name bm TO 65535
7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce" ALGO name bm TO 65535
8 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "info_hash" ALGO name bm TO 65535
9 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "get_peers" ALGO name bm TO 65535
10 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "find_node" ALGO name bm TO 65535
11 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
12 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce_peer" ALGO name bm TO 65535
13 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
14 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "protocol" ALGO name bm TO 65535
15 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 25,26,465 state NEW,ESTABLISHED reject-with tcp-reset
2 0 0 DROP udp * * ::/0 ::/0 multiport dports 25,26,465
3 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with tcp-reset
4 0 0 DROP udp * * ::/0 ::/0 multiport dports 109,110,995
5 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with tcp-reset
6 0 0 DROP udp * * ::/0 ::/0 multiport dports 143,218,220,993
7 0 0 REJECT tcp * * ::/0 ::/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with tcp-reset
8 0 0 DROP udp * * ::/0 ::/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DROP all * * ::/0 ::/0 STRING match "Subject" ALGO name bm TO 65535
2 0 0 DROP all * * ::/0 ::/0 STRING match "HELO" ALGO name bm TO 65535
3 0 0 DROP all * * ::/0 ::/0 STRING match "SMTP" ALGO name bm TO 65535
4 0 0 DROP all * * ::/0 ::/0 STRING match "torrent" ALGO name bm TO 65535
5 0 0 DROP all * * ::/0 ::/0 STRING match ".torrent" ALGO name bm TO 65535
6 0 0 DROP all * * ::/0 ::/0 STRING match "peer_id=" ALGO name bm TO 65535
7 0 0 DROP all * * ::/0 ::/0 STRING match "announce" ALGO name bm TO 65535
8 0 0 DROP all * * ::/0 ::/0 STRING match "info_hash" ALGO name bm TO 65535
9 0 0 DROP all * * ::/0 ::/0 STRING match "get_peers" ALGO name bm TO 65535
10 0 0 DROP all * * ::/0 ::/0 STRING match "find_node" ALGO name bm TO 65535
11 0 0 DROP all * * ::/0 ::/0 STRING match "BitTorrent" ALGO name bm TO 65535
12 0 0 DROP all * * ::/0 ::/0 STRING match "announce_peer" ALGO name bm TO 65535
13 0 0 DROP all * * ::/0 ::/0 STRING match "BitTorrent" ALGO name bm TO 65535
14 0 0 DROP all * * ::/0 ::/0 STRING match "protocol" ALGO name bm TO 65535
15 0 0 DROP all * * ::/0 ::/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535
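The rules in the listing above can be written as plain iptables commands, which lets you read them before anything is applied. The script below is an added example, not the downloaded script: it prints the commands by default, skips ip6tables when the kernel has no IPv6, and checks each rule with -C so that a second run does not append duplicates. It assumes the port rules belong to the filter table and the string rules to the mangle table; the function and variable names are its own.

```shell
#!/bin/sh
# Added example, not the downloaded script. Assumption: the port rules live in
# filter/OUTPUT and the string rules in mangle/OUTPUT.
set -f                 # no globbing: one keyword contains "?"
DRY_RUN=${DRY_RUN:-1}  # default prints the commands; DRY_RUN=0 (as root) applies them

MAIL_PORTS="25,26,465 109,110,995 143,218,220,993
24,50,57,105,106,158,209,587,1109,24554,60177,60179"
# The listing carries "BitTorrent" twice; one rule is enough.
KEYWORDS="Subject HELO SMTP torrent .torrent peer_id= announce info_hash
get_peers find_node BitTorrent announce_peer protocol announce.php?passkey="

# Print one "TABLE RULE-ARGS" line per rule. $1 is iptables or ip6tables;
# only the TCP reject type differs between the two listings.
rule_specs() {
    rej=icmp-port-unreachable
    if [ "$1" = ip6tables ]; then rej=tcp-reset; fi
    for ports in $MAIL_PORTS; do
        printf '%s\n' "filter -p tcp -m multiport --dports $ports -m state --state NEW,ESTABLISHED -j REJECT --reject-with $rej"
        printf '%s\n' "filter -p udp -m multiport --dports $ports -j DROP"
    done
    for kw in $KEYWORDS; do
        printf '%s\n' "mangle -m string --string $kw --algo bm --to 65535 -j DROP"
    done
}

# Append every rule to OUTPUT unless -C reports it is already there, so a
# second run adds nothing. (Where iptables lacks -C the check fails and the
# rule is simply appended.)
apply_rules() {
    cmd=$1
    rule_specs "$cmd" | while read -r table rest; do
        set -- $rest
        if [ "$DRY_RUN" = 1 ]; then
            printf '%s\n' "$cmd -t $table -A OUTPUT $*"
        else
            "$cmd" -t "$table" -C OUTPUT "$@" 2>/dev/null ||
                "$cmd" -t "$table" -A OUTPUT "$@"
        fi
    done
}

main() {
    apply_rules iptables
    # Without kernel IPv6 support ip6tables fails with "Address family not
    # supported by protocol", so only call it when IPv6 is present.
    if [ -e /proc/net/if_inet6 ]; then apply_rules ip6tables; fi
}
main
```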


This article and the script are reposted from: https://www.dwhd.org/20150915_162703.html

9 comments
  1. Adding the rules fails on CentOS 6.8. It says Could not open socket to kernel: Address family not supported by protocol, and also ip6tables v1.4.7: can't initialize ip6tables table `filter': Address family not supported by protocol Perhaps ip6tables or your kernel needs to be upgraded.
    end 2017-01-11 08:26
    • iptables does not seem to support this kind of filtering. I suggest upgrading iptables; most likely the version is too old. Or the module is missing.
      Toyo 2017-01-11 12:39
  2. Problem adding the rules on Alibaba Cloud

    [root@iZj6cewmie535g62er0v5sZ ~]# wget -4qO- softs.pw/Bash/Get_Out_Spam.sh|bash
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Could not open socket to kernel: Address family not supported by protocol
    Chain OUTPUT (policy ACCEPT 2 packets, 272 bytes)
    num pkts bytes target prot opt in out source destination
    1 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    2 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    3 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    4 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    5 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    6 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 109,110,995 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    7 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 143,218,220,993 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    8 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 24,50,57,105,106,158,209,587,1109,24554,60177,60179 state NEW,ESTABLISHED reject-with icmp-port-unreachable
    Chain OUTPUT (policy ACCEPT 9 packets, 4220 bytes)
    num pkts bytes target prot opt in out source destination
    1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "Subject" ALGO name bm TO 65535
    2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "HELO" ALGO name bm TO 65535
    3 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "SMTP" ALGO name bm TO 65535
    4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "torrent" ALGO name bm TO 65535
    5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match ".torrent" ALGO name bm TO 65535
    6 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "peer_id=" ALGO name bm TO 65535
    7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce" ALGO name bm TO 65535
    8 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "info_hash" ALGO name bm TO 65535
    9 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "get_peers" ALGO name bm TO 65535
    10 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "find_node" ALGO name bm TO 65535
    11 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
    12 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce_peer" ALGO name bm TO 65535
    13 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
    14 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "protocol" ALGO name bm TO 65535
    15 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535
    16 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "Subject" ALGO name bm TO 65535
    17 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "HELO" ALGO name bm TO 65535
    18 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "SMTP" ALGO name bm TO 65535
    19 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "torrent" ALGO name bm TO 65535
    20 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match ".torrent" ALGO name bm TO 65535
    21 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "peer_id=" ALGO name bm TO 65535
    22 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce" ALGO name bm TO 65535
    23 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "info_hash" ALGO name bm TO 65535
    24 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "get_peers" ALGO name bm TO 65535
    25 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "find_node" ALGO name bm TO 65535
    26 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
    27 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce_peer" ALGO name bm TO 65535
    28 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "BitTorrent" ALGO name bm TO 65535
    29 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "protocol" ALGO name bm TO 65535
    30 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 STRING match "announce.php?passkey=" ALGO name bm TO 65535
    ip6tables v1.4.7: can't initialize ip6tables table `filter': Address family not supported by protocol
    Perhaps ip6tables or your kernel needs to be upgraded.
    ip6tables v1.4.7: can't initialize ip6tables table `mangle': Address family not supported by protocol
    Perhaps ip6tables or your kernel needs to be upgraded.
    [root@iZj6cewmie535g62er0v5sZ ~]#
    [root@iZj6cewmie535g62er0v5sZ ~]#

    阿里云添加出问题 2017-01-10 11:17
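  3. Can it start automatically at boot? (ฅ>ω<*ฅ)
    niconiconi 2017-01-01 23:43
    • On Debian/Ubuntu you do not need to re-add the rules at boot; the firewall rules are saved automatically and the rules from before the reboot are read at startup. On CentOS I think you have to run service iptables save to save them. I am not really sure of the details, I rarely use CentOS, so look it up yourself.
      Toyo 2017-01-02 11:44
  4. Thanks for sharing, Toyo. This script really delivers; in my tests all outbound data containing the keywords above was dropped successfully.
    XX美图 2016-12-28 23:10
  5. After running the anti-spam/BT script on the VPS, what effect does it have on SS speed? And if I need to send normal email from the SS client side, will that fail as well?
    black 2016-12-24 10:59
    • It has no effect on SS speed. If you route BT download software or mail software through the SS client's proxy, it will not be able to download BT or send mail. You can test it.
      Toyo 2016-12-24 12:10
  6. Blogger, is there a program on Debian that supports wildcard domain blocking, for use with shadowsocks?
    路人甲 2016-12-09 20:12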