IPTABLES, sistem yöneticisinin Linux çekirdek güvenlik duvarı (çeşitli Netfilter modülleri olarak uygulanır) tarafından sağlanan tabloları ve depolanan zincirleri ve kuralları yapılandırmasına olanak tanıyan bir kullanıcı alanı uygulamasıdır.
IPtables kurallarını ayarlayın
BitTorrent trafiğini IPTABLES ile engellemek için /etc/sysconfig/iptables (CentOS 7) dosyasını düzenleyip aşağıdakileri ekleyebilirsiniz:
vim /etc/sysconfig/iptables.İlk önce ilk kuralın hemen üstüne zinciri eklemeniz gerekiyor.
:RH-Firewall-1-INPUT - [0:0]
Daha sonra COMMIT satırının üstüne şunu ekleyin.
# Torrent ALGO Strings using Boyer-Moore
-A RH-Firewall-1-INPUT -m string --algo bm --string "BitTorrent" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string "BitTorrent protocol" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string "peer_id=" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string ".torrent" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string "announce.php?passkey=" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string "torrent" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string "announce" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string "info_hash" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string "/default.ida?" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string ".exe?/c+dir" -j DROP
-A RH-Firewall-1-INPUT -m string --algo bm --string ".exe?/c_tftp" -j DROP
# Torrent Keys
-A RH-Firewall-1-INPUT -m string --string "peer_id" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "BitTorrent" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "BitTorrent protocol" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "bittorrent-announce" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "announce.php?passkey=" --algo kmp -j DROP
# Distributed Hash Table (DHT) Keywords
-A RH-Firewall-1-INPUT -m string --string "find_node" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "info_hash" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "get_peers" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "announce" --algo kmp -j DROP
-A RH-Firewall-1-INPUT -m string --string "announce_peers" --algo kmp -j DROP
IPtables'ı yeniden başlatın
/etc/init.d/iptables restartIPtables/Doğrulama Kurallarını Görüntüle
iptables -LÖrnek çıktı
Chain RH-Firewall-1-INPUT (0 references)
target prot opt source destination
DROP all -- anywhere anywhere STRING match "BitTorrent" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "BitTorrent protocol" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "peer_id=" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match ".torrent" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "announce.php?passkey=" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "torrent" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "announce" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "info_hash" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "/default.ida?" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match ".exe?/c+dir" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match ".exe?/c_tftp" ALGO name bm TO 65535
DROP all -- anywhere anywhere STRING match "peer_id" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "BitTorrent" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "BitTorrent protocol" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "bittorrent-announce" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "announce.php?passkey=" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "find_node" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "info_hash" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "get_peers" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "announce" ALGO name kmp TO 65535
DROP all -- anywhere anywhere STRING match "announce_peers" ALGO name kmp TO 65535
