Block Freegate proxy
Hi mam/sir can you help me how to block freegate using iptables. i already block the packet sent by ultrasurf using iptables.
|
Quote:
|
There are more than a few web pages on how to prevent this sort of app.
Many of the posts offer some clues to ways that might prevent it if one doesn't want to employ a layer 7+ device/appliance. Even then, the one you choose would have to report that this app is being blocked. (for now) One interesting thing I read was a person was only allowing traffic by domain name and watching for ip addresses without domain name. In linux it might be more easy to prevent users from running this sort of app but anytime you let these guys on a windows system, it will be difficult to stop them from running short of being fired. |
iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 77 --hex-string '|16030100410100003d0301|' --algo bm -j DROP
iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 512 --hex-string '|00040005000a00090064006200030006001300120063|' --algo bm -j DROP i used this iptables to block ultrasuf how about freegate.. pls help.. ---------- Post added 01-25-14 at 08:34 AM ---------- BTW my linux server is ubuntu.. |
Quote:
Quote:
|
ubuntu server 13.04.. did you have tutorial for layer-7 filter. sorry for the word i'm newbie on server configuration..tnx
|
Quote:
And if you tried putting "how to use linux as a layer 7 filter" into Google, you'd see lots...did you try that?? Always a good idea to try to look things up for yourself, rather than asking others to do it for you. http://l7-filter.clearfoundation.com/ There are also hardware devices that do such things, which can be far better in a company environment. |
thanks for adviced tbone
|
All times are GMT -5. The time now is 08:48 AM. |