BLOQUEAR PROGRAMAS COMO ULTRASURC

e ai galera

como bloqueio programas

que burlan o cache como ultrasurc?

e qual dessas regras bloqueian o ultrasurc

/ ip firewall filter
add chain=forward action=drop dst-port=443 protocol=tcp src-address-list=ULTRASURF comment="BLOQUEANDO ACESSO AO ULTRASURF 443" disabled=no

add chain=forward action=add-src-to-address-list dst-port=443 protocol=tcp connection-limit=10,32 limit=15,8 src-address-list=!ULTRASURF address-list=ULTRASURF address-list-timeout=1m comment="BLOQUEANDO ACESSO AO ULTRASURF2 443" disabled=no

add chain=forward action=drop dst-port=9666 protocol=udp src-address-list=ULTRASURF comment="BLOQUEANDO ACESSO AO ULTRASURF porta 9666 udp" disabled=no

add chain=forward action=add-src-to-address-list dst-port=9666 protocol=tcp connection-limit=10,32 src-address-list=!ULTRASURF address-list=ULTRASURF address-list-timeout=10m comment="BLOQUEANDO ACESSO AO ULTRASURF2 porta 9666" disabled=no

add chain=forward action=drop dst-port=9666 protocol=tcp src-address-list=ULTRASURF comment="BLOQUEANDO ACESSO AO ULTRASURF porta 9666" disabled=no

################################################################
OU

/ip firewall address-list
add address=65.49.0.0/17 comment="" disabled=yes list=Ultrasurf_destino
add address=125.231.0.0/16 comment="" disabled=yes list=Ultrasurf_destino

/ip firewall nat
add action=add-src-to-address-list address-list=ultrasurf address-list-timeout=0s chain=dstnat comment="" disabled=yes dst-address-list=Ultrasurf_destino

/ip firewall filter
add action=drop chain=forward comment="" disabled=yes dst-address-list=Ultrasurf_destino dst-port=443 protocol=tcp src-address-list=ultrasurf
add action=drop chain=forward comment="" disabled=yes dst-port=35000-36000 protocol=tcp src-address-list=ultrasurf
add action=drop chain=forward comment="" disabled=yes dst-port=25101 protocol=tcp src-address-list=ultrasurf

####################################################################

OU

essa ta legal...

/ip firewall filter
add action=drop chain=forward comment=\
"UltraSurf Policy - Dropar UltraSurf Blacklist" disabled=yes \
src-address-list=ultrasurf_blacklist

add action=add-src-to-address-list address-list=ultrasurf_blacklist \
address-list-timeout=10m chain=forward comment=\
"UltraSurf Policy - Listar Tentativa de Conexao 3 -> Blacklist" \
connection-state=new disabled=yes dst-port=25101,33500 protocol=tcp \
src-address-list=ultrasurf_tentativa2

add action=add-src-to-address-list address-list=ultrasurf_tentativa2 \
address-list-timeout=20m chain=forward comment=\
"UltraSurf Policy - Listar Tentativa de Conexao 2" connection-state=new \
disabled=yes dst-port=25101,33500 protocol=tcp src-address-list=\
ultrasurf_tentativa1

add action=add-src-to-address-list address-list=ultrasurf_tentativa1 \
address-list-timeout=30m chain=forward comment=\
"UltraSurf Policy - Listar Tentativa de Conexao 1" connection-state=new \
disabled=yes dst-port=25101,33500 protocol=tcp

add action=drop chain=forward comment="UltraSurf Policy - Drop TCP 25101 e 33500" \
connection-state=established disabled=yes dst-port=25101,33500 protocol=tcp

add action=drop chain=forward comment="UltraSurf Policy - Drop TCP 3128" \
disabled=yes dst-port=3128 out-interface=ppp-out1 protocol=tcp

add action=drop chain=forward comment=\
"UltraSurf Policy - Dropar Enderecos Comuns" disabled=yes \
dst-address-list=ultrasurf_address protocol=tcp

/ip firewall address-list
add address=65.49.2.0/24 comment="" disabled=yes list=ultrasurf_address
add address=65.49.14.0/24 comment="" disabled=yes list=ultrasurf_address
add address=72.21.0.0/24 comment="" disabled=yes list=ultrasurf_address

############################################################

OU

/ip firewall layer7
add name=http-tunnel regexp=”^get./login/fetchprotocolversion2.htm.http/[-~\t-\r]*host.cachenetwork.net

/ip firewall mangle
add chain=prerouting action=add-dst-to-address-list protocol=tcp src-address-list=imn-network address-list=http-tunnel address-list-timeout=1w layer7-protocol=http-tunnel in-interface=bg_balanc dst-port=80 comment=”ADD dst-add to http-tunnel (L7)

/ip firewall address-list
add address=72.14.192.0/18 comment="" disabled=yes list=ultra
add address=208.53.128.0/18 comment="" disabled=yes list=ultra
add address=98.136.0.0/14 comment="" disabled=yes list=ultra
add address=64.233.160.0/19 comment="" disabled=yes list=ultra
add address=124.108.120.0/21 comment="" disabled=yes list=ultra
add address=124.108.112.0/20 comment="" disabled=yes list=ultra
add address=68.180.128.0/17 comment="" disabled=yes list=ultra
add address=206.190.32.0/19 comment="" disabled=yes list=ultra
add address=202.158.49.0/24 comment="" disabled=yes list=ultra
add address=203.84.200.0/21 comment="" disabled=yes list=ultra
add address=203.84.204.0/22 comment="" disabled=yes list=ultra
add address=192.221.0.0/16 comment="" disabled=yes list=ultra

/ip firewall filter
add action=jump chain=forward comment="blok ultrasurf" disabled=no \
jump-target="url ultra" packet-mark="ultra packet"
add action=drop chain="url ultra" comment="" disabled=yes

/ip firewall mangle
add action=mark-connection chain=forward comment=ULTRASURF disabled=yes \
dst-address=0.0.0.0/0 dst-address-list=!ultra dst-port=443 \
new-connection-mark="ultra connect" passthrough=yes protocol=tcp

/ip firewall mangle
add action=mark-packet chain=forward comment="" connection-mark=\
"ultra connect" disabled=yes new-packet-mark="ultra packet" passthrough=\
yes

Respostas

Pedro Filho 30 de Maio de 2011 as 10:18pm

irei testar e valeu a dica...
Netloads 28 de Dezembro de 2011 as 1:15am

Alguém ja testou?
Welington Paiva Mendonça 27 de Março de 2014 as 10:01am

Bom dia,

Eu testei a última para para bloquear o Ultrasurf funcionou perfeitamente mais bloqueo o hotmail e gmail também como faço pra corrigir...

This reply was deleted.