Bloqueio UltraSurf MikroTik 5.0
Olá Amigos
Amigos estou querendo bloquear o UltraSurf no meu firewall com MikroTik trabalho com Mikrotik 5.0 apenas como um Rotiador Firewall, Já procurei em varios lugares bloquear este cara mais sem resultado, Não queria bloquear a porta 443 e liberar o básico.
Queria arrumar uma forma de bloquear apenas o UltraSurf. via Layer7 ou Firewall
Alguem teria uma ideia de como poderia bloquear este maldito UltraSurf.
Re: Bloqueio UltraSurf MikroTik 5.0
ultrasurf ,ultrasurf deve se o cão mesmo o terror dos provedo usa o ultrasurf no gvt ,telefonica ,embratel que os genio da informatica trabaia la e se os cara surfa posta aquiiii.... se os cara e bom memo....
Re: Bloqueio UltraSurf MikroTik 5.0
Config:
/ip firewall layer7
add name=http-tunnel regexp=”^get./login/fetchprotocolversion2.htm.http/[-~\t-\r]*host:.cachenetwork.net
/ip firewall mangle
add chain=prerouting action=add-dst-to-address-list protocol=tcp src-address-list=imn-network address-list=http-tunnel address-list-timeout=1w layer7-protocol=http-tunnel in-interface=ether4 dst-port=80 comment=”ADD dst-add to http-tunnel (L7)”
############################## #######################
/ip firewall address-list
add address=72.14.192.0/18 comment="" disabled=no list=ultra
add address=208.53.128.0/18 comment="" disabled=no list=ultra
add address=98.136.0.0/14 comment="" disabled=no list=ultra
add address=64.233.160.0/19 comment="" disabled=no list=ultra
add address=124.108.120.0/21 comment="" disabled=no list=ultra
add address=124.108.112.0/20 comment="" disabled=no list=ultra
add address=68.180.128.0/17 comment="" disabled=no list=ultra
add address=206.190.32.0/19 comment="" disabled=no list=ultra
add address=202.158.49.0/24 comment="" disabled=no list=ultra
add address=203.84.200.0/21 comment="" disabled=no list=ultra
add address=203.84.204.0/22 comment="" disabled=no list=ultra
add address=192.221.0.0/16 comment="" disabled=no list=ultra
/ip firewall filter
add action=jump chain=forward comment="blok ultrasurf" disabled=no \
jump-target="url ultra" packet-mark="ultra packet"
add action=drop chain="url ultra" comment="" disabled=no
/ip firewall mangle
add action=mark-connection chain=forward comment=ULTRASURF disabled=no \
dst-address=0.0.0.0/0 dst-address-list=!ultra dst-port=443 \
new-connection-mark="ultra connect" passthrough=yes protocol=tcp
add action=mark-packet chain=forward comment="" connection-mark=\
"ultra connect" disabled=no new-packet-mark="ultra packet" passthrough=\
yes
Citação:
Postado originalmente por
Jonatanmcc
Olá Amigos
Amigos estou querendo bloquear o UltraSurf no meu firewall com MikroTik trabalho com Mikrotik 5.0 apenas como um Rotiador Firewall, Já procurei em varios lugares bloquear este cara mais sem resultado, Não queria bloquear a porta 443 e liberar o básico.
Queria arrumar uma forma de bloquear apenas o UltraSurf. via Layer7 ou Firewall
Alguem teria uma ideia de como poderia bloquear este maldito UltraSurf.
Re: Bloqueio UltraSurf MikroTik 5.0
Olá Keybow Blzz
Cara estou tendo problemas para adicionar o Script layer7, está dando erro.
Citação:
Postado originalmente por
keybow
Config:
/ip firewall layer7
add name=http-tunnel regexp=”^get./login/fetchprotocolversion2.htm.http/[-~\t-\r]*host:.cachenetwork.net
/ip firewall mangle
add chain=prerouting action=add-dst-to-address-list protocol=tcp src-address-list=imn-network address-list=http-tunnel address-list-timeout=1w layer7-protocol=http-tunnel in-interface=ether4 dst-port=80 comment=”ADD dst-add to http-tunnel (L7)”
############################## #######################
/ip firewall address-list
add address=72.14.192.0/18 comment="" disabled=no list=ultra
add address=208.53.128.0/18 comment="" disabled=no list=ultra
add address=98.136.0.0/14 comment="" disabled=no list=ultra
add address=64.233.160.0/19 comment="" disabled=no list=ultra
add address=124.108.120.0/21 comment="" disabled=no list=ultra
add address=124.108.112.0/20 comment="" disabled=no list=ultra
add address=68.180.128.0/17 comment="" disabled=no list=ultra
add address=206.190.32.0/19 comment="" disabled=no list=ultra
add address=202.158.49.0/24 comment="" disabled=no list=ultra
add address=203.84.200.0/21 comment="" disabled=no list=ultra
add address=203.84.204.0/22 comment="" disabled=no list=ultra
add address=192.221.0.0/16 comment="" disabled=no list=ultra
/ip firewall filter
add action=jump chain=forward comment="blok ultrasurf" disabled=no \
jump-target="url ultra" packet-mark="ultra packet"
add action=drop chain="url ultra" comment="" disabled=no
/ip firewall mangle
add action=mark-connection chain=forward comment=ULTRASURF disabled=no \
dst-address=0.0.0.0/0 dst-address-list=!ultra dst-port=443 \
new-connection-mark="ultra connect" passthrough=yes protocol=tcp
add action=mark-packet chain=forward comment="" connection-mark=\
"ultra connect" disabled=no new-packet-mark="ultra packet" passthrough=\
yes
Re: Bloqueio UltraSurf MikroTik 5.0
sua rede é para clientes ou empresarial?? porque vc quer bloquear o proxy?/