nslookup 出QQ的230多个Ip地址,然后封锁 4000,8000, 80,443端口。
引用:
#定义所有要封锁的QQ服务器ip,以逗号分隔 QQServerIPs = "{121.14.74.138, 121.14.74.245, 121.14.74.246, 121.14.74.247, 121.14.75.50, 121.14.75.51, 121.14.75.57, \ 121.14.75.58, 121.14.75.59, 121.14.75.60, 121.14.75.61, 121.14.75.62, 121.14.75.63, 121.14.75.64, \ 121.14.77.105, 121.14.77.106, 121.14.77.107, 219.133.38.135, 219.133.38.136, 219.133.38.230, 219.133.40.130, \ 219.133.40.138, 219.133.40.179, 219.133.40.189, 219.133.40.37, 219.133.48.101, 219.133.48.102, 219.133.48.103, \ 219.133.48.104, 219.133.48.105, 219.133.48.106, 219.133.48.107, 219.133.48.108, 219.133.48.109, 219.133.48.52, \ 219.133.48.53, 219.133.48.56, 219.133.48.57, 219.133.48.61, 219.133.48.62, 219.133.48.70, 219.133.48.72, \ 219.133.48.74, 219.133.48.75, 219.133.48.87, 219.133.48.88, 219.133.48.90, 219.133.48.91, 219.133.48.96, \ 219.133.48.97, 219.133.48.98, 219.133.48.99, 219.133.49.124, 219.133.49.125, 219.133.49.163, \ 219.133.49.164, 219.133.49.167, 219.133.49.168, 219.133.49.169, 219.133.49.170, 219.133.49.171, 219.133.49.172, \ 219.133.49.173, 219.133.49.195, 219.133.49.196, 219.133.49.198, 219.133.49.199, 219.133.49.200, 219.133.49.206, \ 219.133.49.211, 219.133.49.215, 219.133.49.216, 219.133.51.93, 219.133.60.148, 219.133.60.149, 219.133.60.15, \ 219.133.60.153, 219.133.60.16, 219.133.60.172, 219.133.60.173, 219.133.60.174, 219.133.60.18, 219.133.60.19, \ 219.133.60.20, 219.133.60.206, 219.133.60.21, 219.133.60.22, 219.133.60.23, 219.133.60.24, 219.133.60.246, \ 219.133.60.25, 219.133.60.250, 219.133.60.26, 219.133.60.27, 219.133.60.30, 219.133.60.32, 219.133.60.33, \ 219.133.60.34, 219.133.60.35, 219.133.60.36, 219.133.60.37, 219.133.60.38, 219.133.60.39, 219.133.60.71, \ 219.133.60.72, 219.133.60.74, 219.133.60.75, 219.133.62.10, 219.133.62.179, 219.133.62.2, 219.133.62.3, \ 219.133.62.4, 219.133.62.8, 219.133.62.9, 219.133.63.15, 219.133.63.53, 219.133.63.54, 58.251.60.44, \ 58.251.60.46, 58.251.60.51, 58.251.60.53, 58.251.62.14, 58.251.62.15, 58.251.62.17, 58.251.62.25, \ 58.251.62.26, 58.251.62.31, 58.251.62.35, 58.251.62.37, 58.251.62.38, 58.251.62.40, 58.251.63.56, \ 58.251.63.57, 58.251.63.58, 58.251.63.60, 58.251.63.61, 58.251.63.62, 58.251.63.64, 58.251.63.65, \ 58.251.63.66, 58.251.63.68, 58.251.63.69, 58.251.63.71, 58.251.63.72, 58.251.63.74, 58.251.63.75, \ 58.251.63.76, 58.251.63.78, 58.251.63.79, 58.60.14.101, 58.60.14.102, 58.60.14.103, 58.60.14.104, \ 58.60.14.106, 58.60.14.107, 58.60.14.108, 58.60.14.109, 58.60.14.110, 58.60.14.111, 58.60.14.113, \ 58.60.14.114, 58.60.14.115, 58.60.14.180, 58.60.14.191, 58.60.14.192, 58.60.14.193, 58.60.14.194, \ 58.60.14.195, 58.60.14.199, 58.60.14.201, 58.60.14.202, 58.60.14.32, 58.60.14.33, 58.60.14.34, \ 58.60.14.35, 58.60.14.37, 58.60.14.38, 58.60.14.39, 58.60.14.40, 58.60.14.41, 58.60.14.42, \ 58.60.14.43, 58.60.14.44, 58.60.14.45, 58.60.14.46, 58.60.14.47, 58.60.14.48, 58.60.14.49, \ 58.60.14.50, 58.60.14.51, 58.60.14.52, 58.60.14.53, 58.60.14.96, 58.60.14.97, 58.60.15.104, \ 58.60.15.31, 58.60.15.33, 58.60.15.34, 58.60.15.35, 58.60.15.36, 58.60.15.38, 58.60.15.39, \ 58.60.15.41, 58.60.15.96, 58.60.15.97, 58.60.15.98, 58.60.9.66, 58.61.165.205, 58.61.32.39, \ 58.61.32.40, 58.61.32.59, 58.61.33.120, 58.61.33.121, 58.61.34.20, 58.61.34.21, 58.61.34.24, \ 58.61.34.25, 58.61.34.26, 58.61.34.51}" #定义QQ连接协议类型。目前是udp优先,udp不通的话再尝试tcp QQServerProto = "{udp,tcp}" #定义QQ服务器端口。 QQServerPorts = "{4000,8000}" #如果8000端口不通,QQ会尝试用web端口80和ssl端口443访问。 QQServerwebPorts = "{80,443}" #定义要被封锁的内网ip段。以逗号分割。 QQDenyClients = "{192.168.2.0/24}" #禁止要被封锁的内网ip段 $QQDenyClients 客户端连接任何服务器的QQServerPorts (4000,8000)端口 block quick inet proto $QQServerProto from $QQDenyClients to any port $QQServerPorts block quick inet proto $QQServerProto from $QQDenyClients port $QQServerPorts to any #禁止要被封锁的内网ip段 $QQDenyClients 客户端连接$QQServerIPs QQ服务器的$QQServerwebPorts (80,443)端口 block quick inet proto $QQServerProto from $QQDenyClients to $QQServerIPs port $QQServerwebPorts block quick inet proto $QQServerProto from $QQServerIPs port $QQServerwebPorts to $QQDenyClients #禁止$QQServerIPs QQ服务器 连接 要被封锁的内网ip段 $QQDenyClients block quick inet proto $QQServerProto from $QQServerIPs to $QQDenyClients block quick inet proto $QQServerProto from $QQDenyClients to $QQServerIPs |
自动列出qq 服务器ip的脚本:
引用:
cat /root/getqqip.sh #!/bin/sh # nslookup sz.tencent.com | grep -v \#53 | grep -i address > /root/qqip.txt nslookup sz.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz7.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz7.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz8.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz8.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz9.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup sz9.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt nslookup tcpconn6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt cat /root/qqip.txt | sort | uniq -c |