LinuxQuestions.org


onofregacutan 01-24-2014 09:03 AM

Block Freegate proxy
 
Hi ma'am/sir, can you help me block Freegate using iptables? I already block the packets sent by Ultrasurf using iptables.

TB0ne 01-24-2014 10:06 AM

Quote:

Originally Posted by onofregacutan (Post 5104413)
Hi ma'am/sir, can you help me block Freegate using iptables? I already block the packets sent by Ultrasurf using iptables.

You can't block it using IPtables, since it uses MANY different ports. As with things like torrents/etc., you'll need a layer 7 filter to catch such things.

jefro 01-24-2014 05:37 PM

There are more than a few web pages on how to prevent this sort of app.

Many of the posts offer some clues to ways that might prevent it if one doesn't want to employ a layer 7+ device/appliance. Even then, the one you choose would have to report that this app is being blocked. (for now)

One interesting thing I read was that a person was only allowing traffic by domain name and watching for IP addresses without a domain name.

In Linux it might be easier to prevent users from running this sort of app, but anytime you let these guys on a Windows system, it will be difficult to stop them from running it short of being fired.

onofregacutan 01-25-2014 07:33 AM

iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 77 --hex-string '|16030100410100003d0301|' --algo bm -j DROP

iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 512 --hex-string '|00040005000a00090064006200030006001300120063|' --algo bm -j DROP

I used these iptables rules to block Ultrasurf. How about Freegate? pls help..

---------- Post added 01-25-14 at 08:34 AM ----------

BTW my linux server is ubuntu..
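What the two --hex-string patterns in the post above encode, as an added example that is not part of the original thread: the first is the start of a TLS 1.0 ClientHello record with fixed lengths, the second is a run of eleven cipher-suite code points, and the lengths agree only for a hello with an empty session ID, one compression method and no extensions. The function names and the all-zero random are constructed for illustration.

```python
import struct

# Hex patterns copied from the two iptables rules quoted in the thread.
SIG_HELLO = bytes.fromhex("16030100410100003d0301")
SIG_SUITES = bytes.fromhex("00040005000a00090064006200030006001300120063")

def decode_hello_prefix(sig):
    """Split the first pattern into TLS record and handshake header fields."""
    ctype, rec_ver, rec_len = struct.unpack("!BHH", sig[:5])
    return {
        "content_type": ctype,                 # 0x16 = handshake
        "record_version": rec_ver,             # 0x0301 = TLS 1.0
        "record_length": rec_len,
        "handshake_type": sig[5],              # 0x01 = ClientHello
        "handshake_length": int.from_bytes(sig[6:9], "big"),
        "client_version": int.from_bytes(sig[9:11], "big"),
    }

def decode_suites(sig):
    """Read the second pattern as a run of 16-bit cipher-suite code points."""
    return [int.from_bytes(sig[i:i + 2], "big") for i in range(0, len(sig), 2)]

def hello_body_len(n_suites):
    """ClientHello body size with empty session ID, one compression method and
    no extensions: version, random, sid_len, suites_len, suites, comp_len, comp."""
    return 2 + 32 + 1 + 2 + 2 * n_suites + 1 + 1

def build_hello(suites):
    """Constructed ClientHello record (all-zero random) in that minimal layout."""
    body = b"\x03\x01" + bytes(32) + b"\x00"
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

if __name__ == "__main__":
    hdr = decode_hello_prefix(SIG_HELLO)
    suites = decode_suites(SIG_SUITES)
    print({k: hex(v) for k, v in hdr.items()})
    print([f"0x{s:04x}" for s in suites])
    # The 61-byte body named in rule 1 is exactly what 11 suites produce.
    print(hello_body_len(len(suites)) == hdr["handshake_length"])
    pkt = build_hello(suites)
    print(pkt.startswith(SIG_HELLO), pkt.find(SIG_SUITES))
```

Both rules therefore key on one exact ClientHello shape: any client that sends the same hello is dropped as well, and a hello with a different length or suite order is not matched.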

TB0ne 01-25-2014 09:04 AM

Quote:

Originally Posted by onofregacutan (Post 5104949)
iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 77 --hex-string '|16030100410100003d0301|' --algo bm -j DROP

iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 512 --hex-string '|00040005000a00090064006200030006001300120063|' --algo bm -j DROP

I used these iptables rules to block Ultrasurf. How about Freegate? pls help..

Spell out your words. And did you read the replies?? You CANNOT BLOCK IT with iptables. You need a layer-7 filter if you want to TOTALLY block this. Otherwise, you can't.

Quote:

BTW my linux server is ubuntu..

Ok..Ubuntu WHAT?? 9? 10? 11? 12? 13?

onofregacutan 01-25-2014 09:55 AM

Ubuntu Server 13.04.. Do you have a tutorial for a layer-7 filter? Sorry for the words, I'm a newbie at server configuration..tnx

TB0ne 01-25-2014 10:12 AM

Quote:

Originally Posted by onofregacutan (Post 5105000)
Ubuntu Server 13.04.. Do you have a tutorial for a layer-7 filter? Sorry for the words, I'm a newbie at server configuration..tnx

Again, you need to SPELL OUT YOUR WORDS. It's "thanks", not "tnx"; "please", not "pls".

And if you tried putting "how to use linux as a layer 7 filter" into Google, you'd see lots...did you try that?? Always a good idea to try to look things up for yourself, rather than asking others to do it for you.
http://l7-filter.clearfoundation.com/

There are also hardware devices that do such things, which can be far better in a company environment.

onofregacutan 01-25-2014 10:53 AM

Thanks for the advice, TB0ne.


All times are GMT -5.