Re: [CentOS-es] Liberar webmail

Francisco Santos Wed, 20 Oct 2010 07:17:18 -0700

 El 19/10/2010 04:30 p.m., Miguel Villavicencio escribió:

Hola:


Envia el archivo para revisar como haces para bloquear, gracias.

Saludos,


Miguel Villavicencio G.

Date: Tue, 19 Oct 2010 16:24:04 -0500
From: fsan...@rocaautomotriz.com.mx
To: centos-es@centos.org
Subject: Re: [CentOS-es] Liberar webmail

El 19/10/2010 03:25 p.m., ruben guerra nina escribió:

Hola Estimados usuarios de Linux
Tengo un problema para bloquear ultrasurf, ya que esta aplicacion usa el pto 
443, que tambien lo usan los webmail, como podria liberar el mail.google.com ?
74.125.47.1974.125.47.1874.125.47.1774.125.47.83
Tengo las reglas siguientes
#Bloqueo ultrasurfiptables -A FORWARD -p tcp --dport 9666 -j DROPiptables -A 
FORWARD -p tcp --dport 443 -j DROP
#Liberar direcciones de: mail.google.comiptables -A FORWARD -s 192.168.12.0/24 
-d 74.125.47.19/8 -p tcp --dport 443 -j ACCEPTiptables -A FORWARD -s 
74.125.47.19/8 -d 192.168.12.0/24 -p tcp --sport 443 -j ACCEPT
iptables -A FORWARD -s 192.168.12.0/24 -d 74.125.47.18/8 -p tcp --dport 443 -j 
ACCEPTiptables -A FORWARD -s 74.125.47.18/8 -d 192.168.12.0/24 -p tcp --sport 
443 -j ACCEPT
iptables -A FORWARD -s 192.168.12.0/24 -d 74.125.47.83/8 -p tcp --dport 443 -j 
ACCEPTiptables -A FORWARD -s 74.125.47.83/8 -d 192.168.12.0/24 -p tcp --sport 
443 -j ACCEPT
iptables -A FORWARD -s 192.168.12.0/24 -d 74.125.47.17/8 -p tcp --dport 443 -j 
ACCEPTiptables -A FORWARD -s 74.125.47.17/8 -d 192.168.12.0/24 -p tcp --sport 
443 -j ACCEPT
Saludos
_______________________________________________
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

no se si te sirva yo he intentado bastantes formas de bloquear ultrasurf
pero la verdad tiene cientos de ips zombies y eso complica la situacion
ya que la mayoria me han funcionado temporalmente la unica forma que yo
encontre fue bloquear todo el trafico https (443) y voy liberando lo que
mis usuarios necesitan (bancos, gmail, paypal y otras) tengo una lista
blanca de sitios https entre ellas van ips de gmail tengo un archivo txt
y cada vez que necesito liberar una ip solo la agrego al txt y vuelvo a
ejecutar el script. para que cargue la ip nueva y asi no saturar de
reglas mi script de firewall si te sirve dime para mandarte el archivo
con las ips..

--
Este mensaje ha sido analizado por MailScanner
en busca de virus y otros contenidos peligrosos,
y se considera que está limpio.
For all your IT requirements visit: http://www.transtec.co.uk

_______________________________________________
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

                                        
_______________________________________________
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

mira esta es la regla que me permite hacer eso que te comentaba con lalista de ips blancas




echo abriendo puerto 443 para ips
sleep 1
for ipfilehttps in `cat /etc/rc.d/ipfile.txt`
do

echo `iptables -A FORWARD -s 192.168.0.0/24 -i ${INTIF} -d${ipfilehttps} -p tcp --dport 443 -m state --stateNEW,ESTABLISHED,RELATED -j ACCEPT`

done

y el archivo /etc/rc.d/ipfile.txt te lo adjunto son pocas ips pero teservira como base


salu2 y suerte

--
Este mensaje ha sido analizado por MailScanner
en busca de virus y otros contenidos peligrosos,
y se considera que está limpio.
For all your IT requirements visit: http://www.transtec.co.uk

74.125.227.18
201.147.90.70
65.54.51.29
148.243.71.216
200.57.34.31
199.7.50.231
201.134.9.94
200.57.34.31
148.243.71.216
200.57.34.31
65.55.62.59
129.9.64.138
129.9.64.138
199.7.60.231
199.7.54.231
200.57.34.31
199.7.55.231
92.48.73.0/24
200.33.84.40
65.55.187.221
67.216.181.80
65.55.187.221
67.216.181.80
65.55.187.221
67.216.181.80
65.200.11.152
207.46.118.185
17.254.2.134
129.9.96.107
209.119.121.80
129.9.96.141
129.9.96.0/24
129.9.64.0/24
207.46.31.61
207.46.31.0/24
65.55.39.0/24
209.119.121.0/24
83.167.233.0/24
67.216.181.0/24
80.181.216.0/24
148.244.43.0/24
129.9.96.0/24
200.53.115.0/24
189.204.6.0/24
67.215.65.0/24
148.223.138.0/24
69.192.40.0/24
69.192.37.0/24
65.54.186.0/24
184.50.8.0/24
184.50.5.0/24
65.54.186.0/24
216.9.251.0/24
216.9.248.0/24
205.145.130.0/24
200.52.70.0/24
148.233.230.0/24
208.67.219.0/24
64.233.183.0/24
208.67.219.0/24
201.147.90.82
63.245.221.11
63.245.209.115
74.125.157.0/24
216.168.252.110
199.7.54.231
201.144.40.239
12.150.199.18
66.235.132.118
12.150.199.12
148.244.43.211
12.150.199.12
12.150.199.203
65.55.13.62
200.56.122.25
129.9.70.52
129.9.64.138
129.9.64.141
129.9.96.141
208.67.219.230
74.125.19.83
72.247.49.155
99.226.54.197
99.199.103.123
98.245.96.88
98.222.61.245
97.82.152.7
92.33.160.22
91.155.13.72
89.195.195.18
87.126.216.69
86.131.173.33
85.141.82.51
83.132.13.152
80.161.91.25
80.160.91.12
78.139.172.89
77.56.152.209
77.220.5.238
76.21.126.164
76.20.197.68
76.18.89.169
76.116.42.74
75.74.245.222
74.197.71.39
74.197.71.39
74.138.231.232
74.125.95.83
74.125.95.19
74.125.47.83
74.125.47.18
74.125.43.83
74.125.43.18
74.125.159.147
74.125.159.104
74.125.155.83
74.125.155.19
74.125.113.99
74.125.113.97
74.125.113.96
74.125.113.83
74.125.113.18
74.125.113.17
74.125.113.147
74.125.113.104
74.125.113.103
72.49.159.242
72.30.11.242
72.222.146.68
72.174.20.161
72.14.247.97
72.14.205.99
72.14.205.104
71.82.52.127
71.79.66.101
71.66.227.221
71.57.218.247
71.234.159.247
71.225.72.58
71.146.89.158
71.119.253.17
70.160.95.79
70.160.95.79
70.128.107.233
7.189.121.249
69.76.51.142
69.254.235.14
69.226.111.90
69.18.231.14
69.18.231.14
69.107.251.72
68.38.24.205
68.38.193.15
67.174.30.156
67.163.20.169
67.162.123.164
66.235.181.9
66.235.180.9
66.235.128.158
66.163.169.186
66.118.228.30
65.55.52.179
65.55.251.108
65.55.251.108
65.55.195.253
65.55.195.252
65.55.157.61
65.55.157.59
65.55.13.62
65.55.13.61
65.55.13.126
65.54.254.139
65.54.238.254
65.54.234.78
65.54.234.14
65.54.234.14
65.54.225.100
65.54.186.79
65.54.186.77
65.54.186.49
65.54.186.48
65.54.186.47
65.54.186.19
65.54.186.17
65.54.186.107
65.54.165.179
65.54.165.177
65.54.165.136
65.54.165.135
64.4.34.249
64.246.49.61
64.246.49.60
64.246.48.23
63.88.212.183
63.245.209.92
63.245.209.91
63.245.209.16
63.115.41.71
60.35.58.231
4.23.63.113
4.184.102.70
29.208.100.34
24.83.1.110
24.62.94.214
24.18.234.109
24.18.234.109
222.150.33.34
216.252.124.207
216.244.183.135
216.168.252.134
216.168.241.50
212.8.163.76
212.72.49.143
212.72.49.142
212.72.49.141
212.235.174.171
212.235.174
209.85.225.99
209.85.225.99
209.85.225.103
209.62.176.52
209.191.92.114
209.160.22.157
209.145.75.214
208.94.57.236
208.94.57.202
208.109.217.168
207.46.120.162
207.46.113.78
207.46.113.222
207.46.113.220
207.249.90.183
207.207.2.105
205.157.102.42
204.220.30.234
201.72.212.143
201.68.234.98
201.250.214.41
201.236.240.84
201.233.118.186
201.221.153.23
201.221.153.23
201.212.150.159
201.208.137.90
201.175.38.199
201.148.141.37
201.148.141.36
201.144.40.239
200.94.128.59
200.79.8.36
200.79.8.35
200.76.152.227
200.57.64.67
200.57.64.66
200.57.34.31
200.57.141.27
200.57.141.202
200.53.120.85
200.44.32.123
200.33.74.83
200.33.74.126
200.33.202.75
200.23.76.66
200.16.50.21
195.98.166.126
195.46.253.219
195.215.8.145
195.215.8.141
194.165.188.93
194.165.188.79
193.88.6.13
193.88.6.13
192.216.212.246
192.216.212.190
192.193.229.115
192.193.229.100
192.193.205.115
192.193.205.100
190.77.202.52
190.77.148.191
190.74.126.59
190.204.169.87
190.200.138.37
190.165.35.70
189.52.144.102
189.18.8.152
188.2.199.73
187.27.210.141
187.141.1.187
187.141.1.163
187.141.1.128
173.26.129.211
173.23.214.244
168.75.154.178
168.75.154.166
159.178.12.50
152.92.133.61
148.245.223.152
148.245.223.149
148.244.43.79
148.244.43.72
148.244.43.66
148.244.43.59
148.244.43.5
148.244.43.49
148.244.43.32
148.244.43.211
148.244.43.16
148.244.43.151
148.244.43.150
148.244.43.149
148.244.43.148
148.244.43.145
148.244.43.144
148.244.43.144
148.244.43.143
148.235.164.173
143.107.231.110
130.117.72.100
129.9.96.142
129.9.96.140
129.9.96.139
129.9.70.77
129.9.70.76
129.9.70.52
129.9.64.142
129.9.64.141
129.9.64.139
129.9.64.138
129.9.235.253
129.9.233.14
129.9.233.13
129.9.233.12
129.9.232.19
129.9.155.36
129.9.119.253
129.9.117.15
129.9.117.14
129.9.117.12
129.9.117.11
129.9.116.68
129.130.52.33
128.148.60.205
122.118.66.149
12.8.163.76
117.123.252.110
114.76.139.126
6.25.118.70
129.9.96.107
129.9.64.107
209.191.92.114
63.240.89.232
68.142.229.15
206.190.37.21
143.116.116.201
74.125.155.104
74.125.155.147
200.57.42.8
200.57.42.8
129.9.64.142
148.244.43.211
206.33.56.116
74.125.155.99
74.125.155.97
129.9.64.138
129.9.70.85
201.175.38.16
201.134.9.88
200.94.130.228
65.54.165.179
63.101.150.80
207.46.113.93
209.191.92.114
204.160.111.116
204.2.215.19
209.84.2.113
96.7.23.54
204.2.215.18
74.125.159.0/24
216.239.51.0/24
66.249.81.0/24
198.87.182.146
8.12.213.113
65.55.184.26
204.107.28.181
129.9.64.138
129.9.64.139
198.87.182.173
129.9.64.138
64.154.84.50
200.16.50.21
200.16.36.5
74.125.19.106
65.54.225.101
74.125.19.99
74.125.155.106
66.102.7.99
129.9.64.107
129.9.64.138
205.141.198.239
129.9.70.85
168.75.154.166
63.115.41.235
74.125.127.105
74.125.127.147
65.55.195.251
74.125.127.18/24
69.192.37.155
216.236.233.62
66.235.140.167
12.29.100.25
12.29.100.16
69.192.35.119
200.33.74.98
200.16.52.10
200.16.39.10
74.201.74.193
74.201.74.52
74.201.74.52
216.52.233.205
216.52.233.201
200.79.8.48
205.157.103.38
208.94.57.11
66.102.7.106
66.102.7.83
129.9.64.141
216.252.124.32
204.160.111.116
216.252.124.32
209.191.92.114
129.9.96.138
129.9.64.137
12.29.100.45
201.116.75.213
12.29.100.45
12.29.100.245
chrysler.com
gmail.com
google.com
yahoo.com
yahoo.com.mx
ticketmaster.ca
ticketmaster.com.mx
65.55.251.105
198.87.182.146
209.104.58.144
64.34.251.150
63.88.212.91
209.104.35.228
tmcs.net
69.192.116.199
216.52.233.248
129.9.64.141
129.9.64.138
187.141.1.40
63.88.212.91
209.104.35.228
64.34.251.150
209.104.59.25
209.104.56.146
65.54.234.13
209.104.56.21
google.com
mail.google.com
66.102.7.103
209.196.36.82
157.216.205.76
216.205.76.157
201.130.47.46
66.77.13.164
129.9.64.140
129.9.96.138
129.9.64.57
65.54.186.79
65.54.165.136
216.52.233.189
66.103.238.179
66.103.238.180
129.9.102.85
129.9.64.139
129.9.96.138
209.85.225.105
209.85.225.83
74.125.65.103
208.67.219.231
208.67.219.231
74.125.19.19
66.102.7.97
65.54.186.49
207.46.113.93
65.54.52.75
65.54.52.75
207.46.113.93
65.54.186.49
207.46.77.160
65.54.165.179
65.54.165.177
65.54.165.177
65.54.165.137
65.54.165.137
207.46.113.89
207.46.113.89
contacts.msn.com
65.54.186.47
207.46.113.89
200.16.50.21
200.16.39.10
65.55.195.252
82.150.226.140
208.67.219.132
201.144.40.239
200.23.157.15
200.23.157.25
200.23.157.12
129.9.40.91
196.40.22.203
66.235.132.121
196.40.22.200
66.235.132.118
196.40.22.202
208.67.219.230
64.233.183.97
64.233.189.18
200.57.34.141
208.69.36.231
64.202.160.40
201.144.112.163
129.9.64.138
66.235.132.152
66.102.7.97
12.150.199.203
66.235.133.14
66.102.7.97
12.150.199.203
129.9.64.138
129.9.64.138
208.89.13.133
192.100.230.2
208.67.219.231
65.54.225.100
199.7.60.231
65.54.225.100
207.207.2.44
208.67.219.230
66.102.7.19
65.54.186.10
72.247.77.186
72.247.88.124
207.46.120.109
65.55.227.252
148.244.43.79
148.244.43.5
64.233.181.149
74.125.71.17
208.67.219.230
74.125.157.99
74.125.157.103
74.125.157.105
74.125.157.106
74.125.157.100
129.9.168.91
63.245.221.10
64.14.123.176
64.14.123.0/24

_______________________________________________
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-es] Liberar webmail

Responder a