标签:
在我的树莓派路由器上加入如下防火墙规则, 其中的Mac地址是天猫魔盒的Mac地址:
iptables -t filter -A FORWARD -d 42.96.128.0/17 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 42.120.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 42.121.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 42.156.128.0/17 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 110.75.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 110.76.0.0/19 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 110.76.32.0/20 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 110.76.48.0/20 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 110.173.192.0/20 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 110.173.208.0/20 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 112.74.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 112.124.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 112.127.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 114.215.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 115.28.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 115.29.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 115.124.16.0/22 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 115.124.20.0/22 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 115.124.24.0/21 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 119.38.208.0/21 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 119.38.216.0/21 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 119.42.224.0/20 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 119.42.242.0/23 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 119.42.244.0/22 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.24.0.0/14 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.24.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.25.0.0/18 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.25.64.0/19 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.25.96.0/21 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.25.108.0/24 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.25.110.0/24 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 120.25.111.0/24 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.0.16.0/21 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.0.24.0/22 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.0.28.0/22 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.40.0.0/14 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.42.0.0/18 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.42.0.0/24 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.42.64.0/18 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.42.128.0/18 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.42.192.0/19 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.42.224.0/19 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.196.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.197.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.198.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 121.199.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 140.205.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 203.209.250.0/23 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 218.244.128.0/19 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 223.4.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 223.5.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 223.5.5.0/24 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 223.6.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 223.6.6.0/24 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP iptables -t filter -A FORWARD -d 223.7.0.0/16 -m --mac-source XX:XX:XX:XX:XX:XX -j DROP
标签:
原文地址:http://www.cnblogs.com/IvanChen/p/5178908.html