-->
fc5下装上vmware(网络接口设定为nat)后安装windowsxp系统,装上QQ和MSN,
在fc5下使用tcpdump解析虚拟机的网络接口发出的包,使用iptables对QQ和msn服务器地址进行阻挡
编写的perl脚本如下:
#!/usr/bin/perl -w
use strict;
use IPC::Open3;
pipe READ,WRITE;
if(fork){
close WRITE;
my %ip;
while(<READ>){
while( $_ = m/(\d+\.\d+\.\d+\.\d+\.\d+)/g){
next if $1 =~ /(192.168|127.0.0|0.0.0.0|172.16.160.)/;
if( exists $ip{$1} ){
next;
}else{
$ip{$1}=$1;
$1 =~ m/(\d+.*)\.(\d+)/;
print "$1:$2\n";
`iptables -I INPUT -s $1 -p tcp --dport $2 -j DROP`;
`iptables -I INPUT -s $1 -p udp --dport $2 -j DROP`;
`iptables -I OUTPUT -d $1 -p tcp --dport $2 -j DROP`;
`iptables -I OUTPUT -d $1 -p udp --dport $2 -j DROP`;
}
}
}
}else{
my $pid=open3('>&STDIN','<&WRITE','<&STDERR','tcpdump','-nn','-i','vmnet8','-l');
}
QQ的服务器有:
219.133.60.34:8000
219.133.40.130:8000
58.60.14.39:8000
58.60.14.33:8000
219.133.48.89:8000
219.133.60.37:8000
219.133.60.39:8000
219.133.40.37:8000
58.60.14.32:8000
219.133.49.171:8000
219.133.48.103:80
219.133.38.230:80
219.133.60.173:80
58.60.14.45:80
219.133.38.5:80
219.133.49.211:80
222.213.0.142:8000
221.236.11.25:8000
60.28.14.51:80
219.133.60.173:443
219.133.38.230:443
219.133.38.5:443
218.85.138.18:8000
218.85.138.12:8000
58.60.14.45:443
219.133.60.34:8000
219.133.40.130:8000
58.60.14.39:8000
58.60.14.33:8000
219.133.48.89:8000
219.133.60.37:8000
219.133.60.39:8000
219.133.40.37:8000
58.60.14.32:8000
219.133.49.171:8000
219.133.48.103:80
219.133.38.230:80
219.133.60.173:80
58.60.14.45:80
219.133.38.5:80
219.133.49.211:80
222.213.0.142:8000
221.236.11.25:8000
60.28.14.51:80
219.133.60.173:443
219.133.38.230:443
219.133.38.5:443
218.85.138.18:8000
218.85.138.12:8000
58.60.14.45:443
msn的服务器有:
65.54.239.140:1863
65.54.239.80:1863
65.54.239.211:80
207.46.109.77:80
219.133.49.211:80
219.133.48.103:80
219.133.60.173:80
58.60.14.45:80
221.236.11.25:8000
发表评论