Limiting BT Downloads with a NetScreen Firewall

Author: Anonymous   Source: Unknown   Updated: 2007-1-24 11:25:42

Adapt the example below to restrict peer-to-peer software.

Step a --- Define service
==========================
set service "BitComet_Handshake" protocol tcp src-port 0-65535 dst-port 1025-65535
set service "http8080" protocol tcp src-port 0-65535 dst-port 8080-8080

Step b --- Define Signature for tracker query
==============================================
set attack "CS:BT-TRACK:1" http-url-variable-parsed ".*\[attachmentid\].*" severity info
set attack "CS:BT-TRACK:2" stream256 ".*\[announce\].*" severity info
set attack "CS:BT-TRACK:3" http-url-parsed ".*\[torrent\].*" severity info
--- Define some signatures that will match HTTP requests to download "*.torrent" files.
--- This will apply to HTTP or customized HTTP service port, such as tcp port 8080.

Step c --- Define Signature for Handshake
==========================================
set attack "CS:Bitcomet:HandShake" stream256 ".*\[BitTorrent protocol\].*" severity info
--- Define attack signature for blocking BitTorrent handshake.

Step d --- Define tracker query attack group to be referenced in policy
==================================================================
set attack group "CS:Bitcomet:Track"
set attack group "CS:Bitcomet:Track" add "CS:BT-TRACK:2"
set attack group "CS:Bitcomet:Track" add "CS:BT-TRACK:3"
set attack group "CS:Bitcomet:Track" add "CS:BT-TRACK:1"

Step e --- Define Handshake attack group to be referenced in policy
==================================================================
set attack group "CS:BitComet:HandShake"
set attack group "CS:BitComet:HandShake" add "CS:Bitcomet:HandShake"

Step f --- Policy for tracker query for standard HTTP service
==============================================================
set policy id 3 from "Trust" to "Untrust" "Any" "Any" "HTTP" permit log
set policy id 3 attack "CS:Bitcomet:Track" action close
set policy id 3 exit

Step g --- Policy for tracker query for customized HTTP service
=================================================================
set policy id 4 from "Trust" to "Untrust" "Any" "Any" "http8080" permit
set policy id 4 attack "CS:Bitcomet:Track" action close
set policy id 4 application "http" ---- ? option
set policy id 4 exit

Step h --- Policy peer Handshake
=================================================================
set policy id 5 from "Trust" to "Untrust" "Any" "Any" "BitComet_Handshake" permit
set policy id 5 application "TALK"
set policy id 5 attack "CS:BitComet:HandShake" action close
set policy id 5 exit

[Reposted from 世纪安全网 http://www.21safe.com]
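
As an added illustration (not part of the original article and not ScreenOS code), the following Python sketch approximates the four signatures above and runs them over constructed sample traffic, including a benign URL that still trips CS:BT-TRACK:2. The context modelling (stream256 as the first 256 bytes of the stream, the decoded URL path and query string as the two HTTP contexts) and all sample hosts and paths are assumptions.

```python
import re
from urllib.parse import unquote_to_bytes

# (name, context, pattern) for the page's four signatures. Assumption: the
# ScreenOS contexts are modelled loosely here; this is not the firewall's engine.
SIGNATURES = [
    ("CS:BT-TRACK:1", "url-variable", re.compile(rb"attachmentid", re.I)),
    ("CS:BT-TRACK:2", "stream256", re.compile(rb"announce", re.I)),
    ("CS:BT-TRACK:3", "url", re.compile(rb"torrent", re.I)),
    ("CS:Bitcomet:HandShake", "stream256", re.compile(rb"BitTorrent protocol", re.I)),
]
REQUEST_LINE = re.compile(rb"^[A-Z]+ (\S+) HTTP/\d\.\d\r\n")


def contexts(stream: bytes) -> dict:
    """Split client-to-server bytes into the field each context inspects."""
    ctx = {"stream256": stream[:256], "url": b"", "url-variable": b""}
    m = REQUEST_LINE.match(stream)
    if m:  # HTTP request: decode the path and the query string separately
        path, _, query = m.group(1).partition(b"?")
        ctx["url"] = unquote_to_bytes(path)
        ctx["url-variable"] = unquote_to_bytes(query)
    return ctx


def matching_signatures(stream: bytes) -> list:
    """Return the names of the signatures that would fire on this stream."""
    ctx = contexts(stream)
    return [name for name, where, rx in SIGNATURES if rx.search(ctx[where])]


# Constructed sample traffic (not captured from a real network).
SAMPLES = {
    "tracker query": b"GET /announce?info_hash=%12%34&port=6881 HTTP/1.1\r\nHost: tracker.example\r\n\r\n",
    "forum attachment": b"GET /attachment.php?attachmentid=42 HTTP/1.1\r\nHost: forum.example\r\n\r\n",
    "torrent file": b"GET /files/sample.torrent HTTP/1.1\r\nHost: files.example\r\n\r\n",
    "peer handshake": b"\x13BitTorrent protocol" + bytes(28) + b"-XX0000-" + bytes(12),
    "benign intranet": b"GET /news/announcements.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
    "benign page": b"GET /index.html HTTP/1.1\r\nHost: www.example\r\n\r\n",
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        print(f"{label:16} -> {matching_signatures(data) or 'no match'}")
```

Because the policies above use action close, a hit such as the intranet one terminates a legitimate connection, so the logged matches are worth reviewing before the patterns are left in place.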