Postado originalmente por
Brenno
Postado originalmente por
White_Tiger
Tente fazer assim:
$IPTABLES -A FORWARD -s 192.168.4.0/24 -p tcp --dport 1863 -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d 64.4.13.0/24 -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d gtwy.messenger.hotmail.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d gateway.messenger.hotmail.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d messenger.hotmail.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d svcs.microsoft.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d 72.21.56.243/24 -j DROP
for IPLIBERADOS in "192.168.4.222"
do
$IPTABLES -A FORWARD -s $IPLIBERADOS -p tcp --dport 1863 -j ACCEPT
$IPTABLES -A FORWARD -s $IPLIBERADOS -d 64.4.13.0/24 -j ACCEPT
$IPTABLES -A FORWARD -s $IPLIBERADOS -d gtwy.messenger.hotmail.com -j ACCEPT
$IPTABLES -A FORWARD -s $IPLIBERADOS -d gateway.messenger.hotmail.com -j ACCEPT
$IPTABLES -A FORWARD -s $IPLIBERADOS -d messenger.hotmail.com -j ACCEPT
$IPTABLES -A FORWARD -s $IPLIBERADOS -d svcs.microsoft.com -j ACCEPT
$IPTABLES -A FORWARD -s $IPLIBERADOS -d 72.21.56.243/24 -j ACCEPT
done
Pq ao meu ver primeiro vc dropa tudo e depois libera as excessões. Agora se vc liberar as excessões e depois dropar tudo vai ficar tudo dropado.
tenta assim
$IPTABLES -A FORWARD -s 192.168.4.0/24 -p tcp --dport 1863 -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d 64.4.13.0/24 -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d gtwy.messenger.hotmail.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d gateway.messenger.hotmail.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d messenger.hotmail.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d svcs.microsoft.com -j DROP
$IPTABLES -A FORWARD -s 192.168.4.0/24 -d 72.21.56.243/24 -j DROP
for IPLIBERADOS in "192.168.4.222"
do
$IPTABLES -I FORWARD -s $IPLIBERADOS -p tcp --dport 1863 -j ACCEPT
$IPTABLES -I FORWARD -s $IPLIBERADOS -d 64.4.13.0/24 -j ACCEPT
$IPTABLES -I FORWARD -s $IPLIBERADOS -d gtwy.messenger.hotmail.com -j ACCEPT
$IPTABLES -I FORWARD -s $IPLIBERADOS -d gateway.messenger.hotmail.com -j ACCEPT
$IPTABLES -I FORWARD -s $IPLIBERADOS -d messenger.hotmail.com -j ACCEPT
$IPTABLES -I FORWARD -s $IPLIBERADOS -d svcs.microsoft.com -j ACCEPT
$IPTABLES -I FORWARD -s $IPLIBERADOS -d 72.21.56.243/24 -j ACCEPT
recomendo você utilizar o squid+iptables, mas se não puder, vai nessas regras mesmo. boa sorte.