LinuxQuestions.org
01-24-2014, 10:03 AM   #1
onofregacutan
LQ Newbie
 
Registered: Jul 2013
Posts: 4

Rep: Reputation: Disabled
Block Freegate proxy


Hi ma'am/sir, can you help me with how to block Freegate using iptables? I already block the packets sent by Ultrasurf using iptables.
 
01-24-2014, 11:06 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,262

Rep: Reputation: 4440
Quote:
Originally Posted by onofregacutan
Hi ma'am/sir, can you help me with how to block Freegate using iptables? I already block the packets sent by Ultrasurf using iptables.
You can't block it using iptables, since it uses MANY different ports. As with things like torrents, etc., you'll need a layer 7 filter to catch such things.
 
01-24-2014, 06:37 PM   #3
jefro
Moderator
 
Registered: Mar 2008
Posts: 17,101

Rep: Reputation: 2552
There are more than a few web pages on how to prevent this sort of app.

Many of the posts offer some clues to ways that might prevent it if one doesn't want to employ a layer 7+ device/appliance. Even then, the one you choose would have to report that this app is being blocked. (for now)

One interesting thing I read was that a person was only allowing traffic by domain name and watching for IP addresses without a domain name.

In Linux it might be easier to prevent users from running this sort of app, but anytime you let these guys on a Windows system, it will be difficult to stop them from running it, short of being fired.
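
The "watch for IP addresses without a domain name" idea from the post above, as an added example that is not part of the original thread. It assumes clients are forced through an explicit Squid proxy and that its native access.log layout is in use; the log lines, addresses and function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample lines in Squid's native access.log layout (not real traffic).
SAMPLE_LOG = """\
1390658400.101    312 192.168.1.20 TCP_MISS/200 5120 CONNECT www.example.com:443 - DIRECT/192.0.2.10 -
1390658401.220    954 192.168.1.31 TCP_MISS/200 8841 CONNECT 203.0.113.77:443 - DIRECT/203.0.113.77 -
1390658402.007     88 192.168.1.20 TCP_MISS/200 1422 GET http://intranet.example.com/ - DIRECT/192.0.2.20 text/html
1390658403.650   1210 192.168.1.31 TCP_MISS/200 9120 CONNECT 198.51.100.5:443 - DIRECT/198.51.100.5 -
1390658404.912    401 192.168.1.44 TCP_MISS/200 2210 CONNECT [2001:db8::15]:443 - DIRECT/2001:db8::15 -
"""

def connect_target(line):
    """Return (client, host) for a CONNECT line, or None for anything else."""
    fields = line.split()
    # Fields: time, elapsed, client, action/code, size, method, URL, ...
    if len(fields) < 7 or fields[5] != "CONNECT":
        return None
    host, _, _port = fields[6].rpartition(":")
    return fields[2], host.strip("[]")  # brackets wrap IPv6 literals

def is_ip_literal(host):
    """True when the tunnel target is a bare IPv4/IPv6 address, not a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def clients_tunnelling_to_bare_ips(log_text):
    """Count, per client, CONNECT requests whose target is an IP rather than a name."""
    hits = Counter()
    for line in log_text.splitlines():
        target = connect_target(line)
        if target and is_ip_literal(target[1]):
            hits[target[0]] += 1
    return dict(hits)

if __name__ == "__main__":
    for client, count in clients_tunnelling_to_bare_ips(SAMPLE_LOG).items():
        print(f"{client}: {count} CONNECT request(s) to a bare IP address")
```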
 
01-25-2014, 08:33 AM   #4
onofregacutan
LQ Newbie
 
Registered: Jul 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 77 --hex-string '|16030100410100003d0301|' --algo bm -j DROP

iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 512 --hex-string '|00040005000a00090064006200030006001300120063|' --algo bm -j DROP

I used these iptables rules to block Ultrasurf. How about Freegate? pls help..

---------- Post added 01-25-14 at 08:34 AM ----------

BTW my Linux server is Ubuntu..
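
What the two `--hex-string` patterns in the rules above actually match, decoded as an added example that is not part of the original post. The function names are illustrative; the byte layout is the standard TLS record and handshake header, and the suite names are the commonly used ones for those IDs.

```python
import struct

# Hex patterns copied from the two iptables rules in the post above.
SIG_RECORD = bytes.fromhex("16030100410100003d0301")
SIG_SUITES = bytes.fromhex("00040005000a00090064006200030006001300120063")

VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
# 0x0062-0x0064 are the old 56-bit "EXPORT1024" draft suites.
SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0012: "TLS_DHE_DSS_WITH_DES_CBC_SHA",
    0x0013: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
    0x0062: "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
    0x0063: "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA",
    0x0064: "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
}

def parse_hello_prefix(data):
    """Decode TLS record header (5 bytes), handshake header (4) and client version (2)."""
    if len(data) < 11:
        raise ValueError("need at least 11 bytes")
    ctype, rec_ver, rec_len = struct.unpack("!BHH", data[:5])
    hs_type, hs_len = data[5], int.from_bytes(data[6:9], "big")
    client_ver = int.from_bytes(data[9:11], "big")
    return {
        "is_client_hello": ctype == 0x16 and hs_type == 0x01,
        "record_version": VERSIONS.get(rec_ver, hex(rec_ver)),
        "record_length": rec_len,
        "handshake_length": hs_len,
        "client_version": VERSIONS.get(client_ver, hex(client_ver)),
        # The handshake header is 4 bytes, so a one-record hello has rec_len == hs_len + 4.
        "lengths_consistent": rec_len == hs_len + 4,
    }

def parse_suites(data):
    """Split a cipher-suite list into 2-byte IDs and name the ones in SUITES."""
    if len(data) % 2:
        raise ValueError("cipher suite list must be an even number of bytes")
    ids = struct.unpack("!%dH" % (len(data) // 2), data)
    return [(i, SUITES.get(i, "unknown")) for i in ids]

if __name__ == "__main__":
    print(parse_hello_prefix(SIG_RECORD))
    for suite_id, name in parse_suites(SIG_SUITES):
        print(f"0x{suite_id:04x} {name}")
```

The first rule therefore keys on a TLS 1.0 ClientHello of one exact size and the second on one exact cipher-suite ordering, so each rule is a fingerprint of a single client build: any other program that sends the same bytes is dropped too, and the rules say nothing about a client whose hello differs.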
 
01-25-2014, 10:04 AM   #5
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,262

Rep: Reputation: 4440
Quote:
Originally Posted by onofregacutan
iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 77 --hex-string '|16030100410100003d0301|' --algo bm -j DROP

iptables -I FORWARD -p tcp --dport 443 --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 512 --hex-string '|00040005000a00090064006200030006001300120063|' --algo bm -j DROP

I used these iptables rules to block Ultrasurf. How about Freegate? pls help..
Spell out your words. And did you read the replies?? You CANNOT BLOCK IT with iptables. You need a layer-7 filter if you want to TOTALLY block this. Otherwise, you can't.
Quote:
BTW my Linux server is Ubuntu..
Ok..Ubuntu WHAT?? 9? 10? 11? 12? 13?
 
01-25-2014, 10:55 AM   #6
onofregacutan
LQ Newbie
 
Registered: Jul 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Ubuntu Server 13.04.. do you have a tutorial for a layer-7 filter? Sorry for the words, I'm a newbie at server configuration..tnx
 
01-25-2014, 11:12 AM   #7
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,262

Rep: Reputation: 4440
Quote:
Originally Posted by onofregacutan
Ubuntu Server 13.04.. do you have a tutorial for a layer-7 filter? Sorry for the words, I'm a newbie at server configuration..tnx
Again, you need to SPELL OUT YOUR WORDS. It's "thanks", not "tnx"; "please", not "pls".

And if you tried putting "how to use linux as a layer 7 filter" into Google, you'd see lots...did you try that?? Always a good idea to try to look things up for yourself, rather than asking others to do it for you.
http://l7-filter.clearfoundation.com/

There are also hardware devices that do such things, which can be far better in a company environment.
 
01-25-2014, 11:53 AM   #8
onofregacutan
LQ Newbie
 
Registered: Jul 2013
Posts: 4

Original Poster
Rep: Reputation: Disabled
Thanks for the advice, TB0ne.
 
  

