* kazaa rulset
@ 2003-07-28 21:42 juanca
2003-07-28 21:51 ` Shawn
0 siblings, 1 reply; 4+ messages in thread
From: juanca @ 2003-07-28 21:42 UTC (permalink / raw)
To: netfilter
iptables -A INPUT -s kazaa.com -p tcp -j DROP
iptables -A INPUT -d kazaa.com -p tcp -j DROP
iptables -A INPUT -s kazaa.com -p udp -j DROP
iptables -A INPUT -d kazaa.com -p udp -j DROP
iptables -A FORWARD -s 0/0 -p tcp --dport 1214 -j REJECT
iptables -A FORWARD -d 213.248.112.0/24 -j REJECT
iptables -A FORWARD -d 206.142.53.0/24 -j REJECT
iptables -A OUTPUT -p tcp --dport 1214 -j DROP
iptables -A OUTPUT -p udp --dport 1214 -j DROP
iptables -A INPUT -p tcp --sport 1214 -j DROP
iptables -A INPUT -p udp --sport 1214 -j DROP
iptables -A FORWARD -p tcp --dport 1214 -j DROP
iptables -A FORWARD -p udp --dport 1214 -j DROP
iptables -A OUTPUT -p tcp --dport 8000:8999 -j DROP
iptables -A OUTPUT -p udp --dport 8000:8999 -j DROP
iptables -A OUTPUT -p tcp -d 66.80.62.34 -j DROP
iptables -A OUTPUT -p tcp -d 205.188.245.120 -j DROP
iptables -A OUTPUT -p tcp -d 64.12.168.244 -j DROP
iptables -A OUTPUT -p tcp -d 66.218.70.39 -j DROP
iptables -A OUTPUT -p tcp -d 64.245.54.0/24 -j DROP
iptables -A FORWARD -d a64-124-29-52.deploy.akamaitechnologies.com -j
REJECT
iptables -A FORWARD -d 64.124.29.52 -j REJECT
iptables -A FORWARD -d 64.230.160.147 -j REJECT
iptables -A FORWARD -d 68.83.112.75 -j REJECT
iptables -A FORWARD -d 68.60.210.234 -j REJECT
iptables -A FORWARD -d 207.112.54.21 -j REJECT
iptables -A FORWARD -d 64.230.160.147 -j REJECT
iptables -A FORWARD -d 61.218.91.171 -j REJECT
iptables -A FORWARD -d 61.218.91.171 -j REJECT
iptables -A FORWARD -p tcp --dport 6346:6347 -j DROP
iptables -A FORWARD -p udp --dport 6346:6347 -j DROP
iptables -A FORWARD -p tcp --dport 4660:4666 -j DROP
iptables -A FORWARD -p udp --dport 4660:4666 -j DROP
iptables -I FORWARD -i eth0 -p tcp -m string --string "KazaaClient" -j
REJECT --reject-with tcp-reset
iptables -I FORWARD -p tcp -m string --string "KazaaClient" -j REJECT
--reject-with tcp-reset
iptables -I FORWARD -p tcp -m string --string "KazaaClient" -j REJECT
--reject-with tcp-reset
iptables -A FORWARD -d a342.g.akamai.net -p tcp tcp -j DROP
iptables -A FORWARD -d a342.g.akamai.net -p tcp udp -j DROP
iptables -A FORWARD -d 63.208.194.47 -j REJECT
iptables -A FORWARD -d 63.208.194.6 -j REJECT
iptables -A FORWARD -d 206.142.53.0/24 -j REJECT
iptables -A FORWARD -d 213.248.112.0/24 -j REJECT
iptables -A FORWARD -m string --string "X-Kazaa-Username:" -j REJECT
--reject-with tcp-reset
iptables -A FORWARD -m string --string "X-Kazaa-Network:" -j REJECT
--reject-with tcp-reset
iptables -A FORWARD -m string --string "X-Kazaa-IP:" -j REJECT
--reject-with tcp-reset
iptables -A FORWARD -m string --string "X-Kazaa-SupernodeIP" -j REJECT
--reject-with tcp-reset
iptables -A FORWARD -m string --string "Kazaa" -j REJECT --reject-with
tcp-reset
iptables -t mangle -A PREROUTING -p tcp -m --string "Kazaa" -j DROP
iptables -A FORWARD -m state --state NEW,INVALID -j REJECT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p tcp -m state --state NEW -m string --string
"Kazaa" -j DROP
this is my rulset but get this message when run the script what`s wrong?
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Bad argument `tcp'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `udp'
Try `iptables -h' or 'iptables --help' for more information.
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables v1.2.6a: Couldn't load match
`--string':/lib/iptables/libipt_--string.so: cannot open shared object
file: No such file or directory
Try `iptables -h' or 'iptables --help' for more information.
iptables: No chain/target/match by that name
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: kazaa rulset
2003-07-28 21:42 kazaa rulset juanca
@ 2003-07-28 21:51 ` Shawn
2003-07-29 0:40 ` state --string Ralf Braga
0 siblings, 1 reply; 4+ messages in thread
From: Shawn @ 2003-07-28 21:51 UTC (permalink / raw)
To: juanca; +Cc: netfilter@lists.netfilter.org
Having some trouble?
On Mon, 2003-07-28 at 16:42, juanca wrote:
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
> iptables -A FORWARD -p tcp -m state --state NEW -m string --string
> "Kazaa" -j DROP
>
> this is my rulset but get this message when run the script what`s wrong?
> iptables: No chain/target/match by that name
> iptables: No chain/target/match by that name
> Bad argument `tcp'
> Try `iptables -h' or 'iptables --help' for more information.
> Bad argument `udp'
> Try `iptables -h' or 'iptables --help' for more information.
> iptables: No chain/target/match by that name
> iptables: No chain/target/match by that name
> iptables: No chain/target/match by that name
> iptables: No chain/target/match by that name
> iptables: No chain/target/match by that name
> iptables v1.2.6a: Couldn't load match
> `--string':/lib/iptables/libipt_--string.so: cannot open shared object
> file: No such file or directory
>
> Try `iptables -h' or 'iptables --help' for more information.
> iptables: No chain/target/match by that name
^ permalink raw reply [flat|nested] 4+ messages in thread
* state --string
2003-07-28 21:51 ` Shawn
@ 2003-07-29 0:40 ` Ralf Braga
2003-07-29 9:22 ` Maciej Soltysiak
0 siblings, 1 reply; 4+ messages in thread
From: Ralf Braga @ 2003-07-29 0:40 UTC (permalink / raw)
To: Shawn; +Cc: juanca, netfilter@lists.netfilter.org
Hi Friends,
How do for write the rule as bellow ?
iptables -A FORWARD -p tcp -m state --state NEW -m string --string
Have you what compile the module string ?
Thanks,
Ralf Braga
Shawn wrote:
>Having some trouble?
>
>On Mon, 2003-07-28 at 16:42, juanca wrote:
>
>
>>iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
>>iptables -A FORWARD -p tcp -m state --state NEW -m string --string
>>"Kazaa" -j DROP
>>
>>this is my rulset but get this message when run the script what`s wrong?
>>iptables: No chain/target/match by that name
>>iptables: No chain/target/match by that name
>>Bad argument `tcp'
>>Try `iptables -h' or 'iptables --help' for more information.
>>Bad argument `udp'
>>Try `iptables -h' or 'iptables --help' for more information.
>>iptables: No chain/target/match by that name
>>iptables: No chain/target/match by that name
>>iptables: No chain/target/match by that name
>>iptables: No chain/target/match by that name
>>iptables: No chain/target/match by that name
>>iptables v1.2.6a: Couldn't load match
>>`--string':/lib/iptables/libipt_--string.so: cannot open shared object
>>file: No such file or directory
>>
>>Try `iptables -h' or 'iptables --help' for more information.
>>iptables: No chain/target/match by that name
>>
>>
>
>
>
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: state --string
2003-07-29 0:40 ` state --string Ralf Braga
@ 2003-07-29 9:22 ` Maciej Soltysiak
0 siblings, 0 replies; 4+ messages in thread
From: Maciej Soltysiak @ 2003-07-29 9:22 UTC (permalink / raw)
To: Ralf Braga; +Cc: Shawn, juanca, netfilter@lists.netfilter.org
> iptables -A FORWARD -p tcp -m state --state NEW -m string --string
>
> Have you what compile the module string ?
Take a look at patch-o-matic, patch your kernel, compile the module,
compile iptables sources to get the userspace module. Use the rules.
Regards,
Maciej
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2003-07-29 9:22 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-07-28 21:42 kazaa rulset juanca
2003-07-28 21:51 ` Shawn
2003-07-29 0:40 ` state --string Ralf Braga
2003-07-29 9:22 ` Maciej Soltysiak
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.