lywsvip/oneclickvirt.github.io
1
0
Fork 0
mirror of https://github.com/oneclickvirt/oneclickvirt.github.io.git synced 2026-06-09 16:25:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
37dabbecfa601b013df482a1e35edcf04fa3b35a
oneclickvirt.github.io/assets/guide_block_block_iptables.md.1a1324ae.lean.js
spiritLHLS 37dabbecfa deploy: 3728a099e8
2025-05-08 16:23:26 +00:00

55 lines
14 KiB
JavaScript
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
import{_ as s,v as a,b as n,R as l}from"./chunks/framework.70afa331.js";const y=JSON.parse('{"title":"通过iptables屏蔽滥用","description":"","frontmatter":{"outline":"deep"},"headers":[],"relativePath":"guide/block/block_iptables.md","filePath":"guide/block/block_iptables.md","lastUpdated":1746721377000}'),o={name:"guide/block/block_iptables.md"},p=l(`<h1 id="通过iptables屏蔽滥用" tabindex="-1">通过iptables屏蔽滥用 <a class="header-anchor" href="#通过iptables屏蔽滥用" aria-label="Permalink to &quot;通过iptables屏蔽滥用&quot;"></a></h1><h2 id="iptables的基础使用说明" tabindex="-1"><code>iptables</code>的基础使用说明 <a class="header-anchor" href="#iptables的基础使用说明" aria-label="Permalink to &quot;\`iptables\`的基础使用说明&quot;"></a></h2><h3 id="_1-启动-iptables" tabindex="-1">1. 启动 <code>iptables</code> <a class="header-anchor" href="#_1-启动-iptables" aria-label="Permalink to &quot;1. 启动 \`iptables\`&quot;"></a></h3><p>在大多数 Linux 发行版中,<code>iptables</code> 服务可以通过以下命令启动:</p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">systemctl</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">start</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables</span></span></code></pre></div><h3 id="_2-设置规则" tabindex="-1">2. 设置规则 <a class="header-anchor" href="#_2-设置规则" aria-label="Permalink to &quot;2. 设置规则&quot;"></a></h3><p>在启动 <code>iptables</code> 后可以设置相应的规则来屏蔽滥用流量。例如以下命令将阻止来自特定IPV4地址的流量</p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-A</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">INPUT</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-s</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">xxx.xxx.xxx.xxx</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-j</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">DROP</span></span></code></pre></div><h3 id="_3-查询规则" tabindex="-1">3. 查询规则 <a class="header-anchor" href="#_3-查询规则" aria-label="Permalink to &quot;3. 查询规则&quot;"></a></h3><p>设置完规则后,可以使用以下命令查看当前的 <code>iptables</code> 规则:</p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-L</span></span></code></pre></div><p>这将列出所有输入、输出和转发的规则。</p><h3 id="_4-停止-iptables" tabindex="-1">4. 停止 <code>iptables</code> <a class="header-anchor" href="#_4-停止-iptables" aria-label="Permalink to &quot;4. 停止 \`iptables\`&quot;"></a></h3><p>如果需要停止 <code>iptables</code> 服务,可以使用以下命令:</p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">systemctl</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">stop</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables</span></span></code></pre></div><h3 id="_5-保存规则" tabindex="-1">5. 保存规则 <a class="header-anchor" href="#_5-保存规则" aria-label="Permalink to &quot;5. 保存规则&quot;"></a></h3><p>为了确保在重启后规则依然生效,可以保存当前的规则:</p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables-save</span><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;">|</span><span style="color:#A6ACCD;"> </span><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">tee</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">/etc/iptables/rules.v4</span></span></code></pre></div><h3 id="_6-恢复规则" tabindex="-1">6. 恢复规则 <a class="header-anchor" href="#_6-恢复规则" aria-label="Permalink to &quot;6. 恢复规则&quot;"></a></h3><p>在需要恢复规则时,可以使用以下命令:</p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables-restore</span><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;">&lt;</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">/etc/iptables/rules.v4</span></span></code></pre></div><h3 id="_7-其他常用命令" tabindex="-1">7. 其他常用命令 <a class="header-anchor" href="#_7-其他常用命令" aria-label="Permalink to &quot;7. 其他常用命令&quot;"></a></h3><ul><li><p><strong>列出规则(详细信息)</strong></p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-L</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-v</span></span></code></pre></div></li><li><p><strong>删除特定规则</strong></p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-D</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">INPUT</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-s</span><span style="color:#A6ACCD;"> </span><span style="color:#F78C6C;">192.168</span><span style="color:#C3E88D;">.1.100</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-j</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">DROP</span></span></code></pre></div></li><li><p><strong>清空所有规则</strong></p><div class="language-bash"><button title="Copy Code" class="copy"></button><span class="lang">bash</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#FFCB6B;">sudo</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">iptables</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">-F</span></span></code></pre></div></li></ul><h2 id="在宿主机上屏蔽滥用行为" tabindex="-1">在宿主机上屏蔽滥用行为 <a class="header-anchor" href="#在宿主机上屏蔽滥用行为" aria-label="Permalink to &quot;在宿主机上屏蔽滥用行为&quot;"></a></h2><h3 id="屏蔽挖矿行为" tabindex="-1">屏蔽挖矿行为 <a class="header-anchor" href="#屏蔽挖矿行为" aria-label="Permalink to &quot;屏蔽挖矿行为&quot;"></a></h3><div class="language-"><button title="Copy Code" class="copy"></button><span class="lang"></span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#A6ACCD;">strings=(</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;ethermine.com&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;antpool.one&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;antpool.com&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;pool.bar&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;get_peers&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;announce_peer&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;find_node&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;seed_hash&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;">)</span></span>
<span class="line"><span style="color:#A6ACCD;"></span></span>
<span class="line"><span style="color:#A6ACCD;">for str in &quot;\${strings[@]}&quot;; do</span></span>
<span class="line"><span style="color:#A6ACCD;"> iptables -A OUTPUT -m string --string &quot;$str&quot; --algo bm -j DROP</span></span>
<span class="line"><span style="color:#A6ACCD;">done</span></span></code></pre></div><h3 id="屏蔽bt行为" tabindex="-1">屏蔽BT行为 <a class="header-anchor" href="#屏蔽bt行为" aria-label="Permalink to &quot;屏蔽BT行为&quot;"></a></h3><div class="language-"><button title="Copy Code" class="copy"></button><span class="lang"></span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#A6ACCD;">strings=(</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;torrent&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;.torrent&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;peer_id=&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;announce&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;info_hash&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;get_peers&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;find_node&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;BitTorrent&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;announce_peer&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;BitTorrent protocol&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;announce.php?passkey=&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;magnet:&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;xunlei&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;sandai&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;Thunder&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;XLLiveUD&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;">)</span></span>
<span class="line"><span style="color:#A6ACCD;"></span></span>
<span class="line"><span style="color:#A6ACCD;">for str in &quot;\${strings[@]}&quot;; do</span></span>
<span class="line"><span style="color:#A6ACCD;"> iptables -A OUTPUT -m string --string &quot;$str&quot; --algo bm -j DROP</span></span>
<span class="line"><span style="color:#A6ACCD;">done</span></span></code></pre></div><h3 id="屏蔽测速行为" tabindex="-1">屏蔽测速行为 <a class="header-anchor" href="#屏蔽测速行为" aria-label="Permalink to &quot;屏蔽测速行为&quot;"></a></h3><div class="language-"><button title="Copy Code" class="copy"></button><span class="lang"></span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#A6ACCD;">strings=(</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;.speed&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;speed.&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;.speed.&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;fast.com&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;speedtest.net&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;speedtest.com&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;speedtest.cn&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;test.ustc.edu.cn&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;10000.gd.cn&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;db.laomoe.com&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;jiyou.cloud&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;ovo.speedtestcustom.com&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;speed.cloudflare.com&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;"> &quot;speedtest&quot;</span></span>
<span class="line"><span style="color:#A6ACCD;">)</span></span>
<span class="line"><span style="color:#A6ACCD;"></span></span>
<span class="line"><span style="color:#A6ACCD;">for str in &quot;\${strings[@]}&quot;; do</span></span>
<span class="line"><span style="color:#A6ACCD;"> iptables -A OUTPUT -m string --string &quot;$str&quot; --algo bm -j DROP</span></span>
<span class="line"><span style="color:#A6ACCD;">done</span></span></code></pre></div>`,30),e=[p];function t(c,r,i,C,u,A){return a(),n("div",null,e)}const D=s(o,[["render",t]]);export{y as __pageData,D as default};
Reference in New Issue View Git Blame Copy Permalink