我的番茄炒蛋
生活如此精彩,挑战无处不在!

导航

 
改进版。
nslookup 出QQ的230多个Ip地址,然后封锁 4000,8000, 80,443端口。

引用:
#定义所有要封锁的QQ服务器ip,以逗号分隔
QQServerIPs = "{121.14.74.138, 121.14.74.245, 121.14.74.246, 121.14.74.247, 121.14.75.50, 121.14.75.51, 121.14.75.57, \
121.14.75.58, 121.14.75.59, 121.14.75.60, 121.14.75.61, 121.14.75.62, 121.14.75.63, 121.14.75.64, \
121.14.77.105, 121.14.77.106, 121.14.77.107, 219.133.38.135, 219.133.38.136, 219.133.38.230, 219.133.40.130, \
219.133.40.138, 219.133.40.179, 219.133.40.189, 219.133.40.37, 219.133.48.101, 219.133.48.102, 219.133.48.103, \
219.133.48.104, 219.133.48.105, 219.133.48.106, 219.133.48.107, 219.133.48.108, 219.133.48.109, 219.133.48.52, \
219.133.48.53, 219.133.48.56, 219.133.48.57, 219.133.48.61, 219.133.48.62, 219.133.48.70, 219.133.48.72, \
219.133.48.74, 219.133.48.75, 219.133.48.87, 219.133.48.88, 219.133.48.90, 219.133.48.91, 219.133.48.96, \
219.133.48.97, 219.133.48.98, 219.133.48.99, 219.133.49.124, 219.133.49.125, 219.133.49.163, \
219.133.49.164, 219.133.49.167, 219.133.49.168, 219.133.49.169, 219.133.49.170, 219.133.49.171, 219.133.49.172, \
219.133.49.173, 219.133.49.195, 219.133.49.196, 219.133.49.198, 219.133.49.199, 219.133.49.200, 219.133.49.206, \
219.133.49.211, 219.133.49.215, 219.133.49.216, 219.133.51.93, 219.133.60.148, 219.133.60.149, 219.133.60.15, \
219.133.60.153, 219.133.60.16, 219.133.60.172, 219.133.60.173, 219.133.60.174, 219.133.60.18, 219.133.60.19, \
219.133.60.20, 219.133.60.206, 219.133.60.21, 219.133.60.22, 219.133.60.23, 219.133.60.24, 219.133.60.246, \
219.133.60.25, 219.133.60.250, 219.133.60.26, 219.133.60.27, 219.133.60.30, 219.133.60.32, 219.133.60.33, \
219.133.60.34, 219.133.60.35, 219.133.60.36, 219.133.60.37, 219.133.60.38, 219.133.60.39, 219.133.60.71, \
219.133.60.72, 219.133.60.74, 219.133.60.75, 219.133.62.10, 219.133.62.179, 219.133.62.2, 219.133.62.3, \
219.133.62.4, 219.133.62.8, 219.133.62.9, 219.133.63.15, 219.133.63.53, 219.133.63.54, 58.251.60.44, \
58.251.60.46, 58.251.60.51, 58.251.60.53, 58.251.62.14, 58.251.62.15, 58.251.62.17, 58.251.62.25, \
58.251.62.26, 58.251.62.31, 58.251.62.35, 58.251.62.37, 58.251.62.38, 58.251.62.40, 58.251.63.56, \
58.251.63.57, 58.251.63.58, 58.251.63.60, 58.251.63.61, 58.251.63.62, 58.251.63.64, 58.251.63.65, \
58.251.63.66, 58.251.63.68, 58.251.63.69, 58.251.63.71, 58.251.63.72, 58.251.63.74, 58.251.63.75, \
58.251.63.76, 58.251.63.78, 58.251.63.79, 58.60.14.101, 58.60.14.102, 58.60.14.103, 58.60.14.104, \
58.60.14.106, 58.60.14.107, 58.60.14.108, 58.60.14.109, 58.60.14.110, 58.60.14.111, 58.60.14.113, \
58.60.14.114, 58.60.14.115, 58.60.14.180, 58.60.14.191, 58.60.14.192, 58.60.14.193, 58.60.14.194, \
58.60.14.195, 58.60.14.199, 58.60.14.201, 58.60.14.202, 58.60.14.32, 58.60.14.33, 58.60.14.34, \
58.60.14.35, 58.60.14.37, 58.60.14.38, 58.60.14.39, 58.60.14.40, 58.60.14.41, 58.60.14.42, \
58.60.14.43, 58.60.14.44, 58.60.14.45, 58.60.14.46, 58.60.14.47, 58.60.14.48, 58.60.14.49, \
58.60.14.50, 58.60.14.51, 58.60.14.52, 58.60.14.53, 58.60.14.96, 58.60.14.97, 58.60.15.104, \
58.60.15.31, 58.60.15.33, 58.60.15.34, 58.60.15.35, 58.60.15.36, 58.60.15.38, 58.60.15.39, \
58.60.15.41, 58.60.15.96, 58.60.15.97, 58.60.15.98, 58.60.9.66, 58.61.165.205, 58.61.32.39, \
58.61.32.40, 58.61.32.59, 58.61.33.120, 58.61.33.121, 58.61.34.20, 58.61.34.21, 58.61.34.24, \
58.61.34.25, 58.61.34.26, 58.61.34.51}"

#定义QQ连接协议类型。目前是udp优先,udp不通的话再尝试tcp
QQServerProto = "{udp,tcp}"
#定义QQ服务器端口。
QQServerPorts = "{4000,8000}"
#如果8000端口不通,QQ会尝试用web端口80和ssl端口443访问。
QQServerwebPorts = "{80,443}"
#定义要被封锁的内网ip段。以逗号分割。
QQDenyClients = "{192.168.2.0/24}"

#禁止要被封锁的内网ip段 $QQDenyClients 客户端连接任何服务器的QQServerPorts (4000,8000)端口
block quick inet proto $QQServerProto from $QQDenyClients to any port $QQServerPorts
block quick inet proto $QQServerProto from $QQDenyClients port $QQServerPorts to any

#禁止要被封锁的内网ip段 $QQDenyClients 客户端连接$QQServerIPs QQ服务器的$QQServerwebPorts (80,443)端口
block quick inet proto $QQServerProto from $QQDenyClients to $QQServerIPs port $QQServerwebPorts
block quick inet proto $QQServerProto from $QQServerIPs port $QQServerwebPorts to $QQDenyClients

#禁止$QQServerIPs QQ服务器 连接 要被封锁的内网ip段 $QQDenyClients
block quick inet proto $QQServerProto from $QQServerIPs to $QQDenyClients
block quick inet proto $QQServerProto from $QQDenyClients to $QQServerIPs


自动列出qq 服务器ip的脚本:
引用:
cat /root/getqqip.sh
#!/bin/sh
#

nslookup sz.tencent.com | grep -v \#53 | grep -i address > /root/qqip.txt
nslookup sz.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz7.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz7.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz8.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz8.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz9.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup sz9.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn2.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn3.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn4.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn5.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt
nslookup tcpconn6.tencent.com | grep -v \#53 | grep -i address >> /root/qqip.txt

cat /root/qqip.txt | sort | uniq -c
posted on 2008-03-17 12:10  bluesky  阅读(631)  评论(0编辑  收藏  举报