宽带技术网»首页 ::::: 技 术 交 流 区 ::::: 『 ADSL技术交流区 』(历史记录) ADSL Modem 限BT 规则
返回列表 发新帖
查看: 3821|回复: 2

ADSL Modem 限BT 规则

[复制链接]
adscrz
发表于 2007-9-23 13:25:29 | 显示全部楼层 |阅读模式
AD Modem 限BT 规则
最近家里的宽带,经常有人用BT,搞到大家都上不了网,本想买个限速的路由器,无奈相中的停产,带QOS服务的又太贵,只好打modem 的主意,我的设置是每天10:00~23:00禁止使用BT,其它时间段可以:
增加与时间服务器同步:
create sntp servaddr dname time-b.nist.gov
create sntp servaddr dname time.nist.gov
modify sntp cfg enable
允许访问时间服务器:
create ipf rule entry ruleid 812 ifname public dir out act accept transprot eq num 17 destport eq num 123 seclevel  medium logtag "Time123"
每天10:00 ~ 23:00 禁止用BT
create ipf rule entry ruleid 800 ifname public dir out transprot eq num 6 todfrom 10:00:00 todto 22:59:00 seclevel  medium logtag "Deny TCP"
create ipf rule entry ruleid 900 ifname public dir out transprot eq num 17 todfrom 10:00:00 todto 22:59:00 seclevel  medium logtag "Deny UDP"
TCP 超时连接减少:
modify nat global tcpidletimeout 4800 tcpclosewait 15 tcptimeout 15 udptimeout 60 defnatage 15 portend 60000 enable
在MT800 及 华硕6000EV 上测试通过,正在使用中……
有问题请mail: adscrz@163.com 讨论,谢谢!
回复

举报

tangnt
发表于 2007-9-23 17:01:55 | 显示全部楼层

ADSL Modem 限BT 规则

我照你的设置了,结果不能上网了。
回复

举报

adscrz
 楼主| 发表于 2007-9-24 10:31:49 | 显示全部楼层

ADSL Modem 限BT 规则

请把完整的规则设上,如果只设部分,当然不能上啦:
modify fwl global  blistprotect enable attackprotect enable dosprotect enable maxtcpconn 15 maxicmpconn 15 maxsinglehostconn 20
create ipf rule entry ruleid 3 ifname public dir in act accept transprot eq num 6 destport eq num 80 seclevel  medium logtag "Web in"
create ipf rule entry ruleid 700 ifname public dir out act accept transprot eq num 6 destport eq num 80 seclevel  medium logtag "WEB 80"
create ipf rule entry ruleid 702 ifname public dir out act accept transprot eq num 6 destport eq num 443 seclevel  medium logtag "web 443"
create ipf rule entry ruleid 704 ifname public dir out act accept transprot eq num 6 destport eq num 110 seclevel  medium logtag "POP"
create ipf rule entry ruleid 706 ifname public dir out act accept transprot eq num 6 destport eq num 1995 seclevel  medium logtag "POP SSL"
create ipf rule entry ruleid 708 ifname public dir out act accept transprot eq num 6 destport eq num 995 seclevel  medium logtag "POP SSL"
create ipf rule entry ruleid 710 ifname public dir out act accept transprot eq num 6 destport eq num 465 seclevel  medium logtag "SMTP SSL465"
create ipf rule entry ruleid 712 ifname public dir out act accept transprot eq num 6 destport eq num 25 seclevel  medium logtag "SMTP25"
create ipf rule entry ruleid 714 ifname public dir out act accept transprot eq num 6 destport eq num 21 seclevel  medium logtag "FTP"
create ipf rule entry ruleid 716 ifname public dir in act accept transprot eq num 6 destport eq num 21 seclevel  medium logtag "ftp in"
create ipf rule entry ruleid 718 ifname public dir out act accept transprot eq num 6 srcport eq num 21 seclevel  medium logtag "ftp out"
create ipf rule entry ruleid 720 ifname public dir in act accept transprot eq num 6 destport eq num 23 seclevel  medium logtag "telnet in"
create ipf rule entry ruleid 722 ifname public dir out act accept transprot eq num 6 srcport eq num 23 seclevel  medium logtag "telnet out"
create ipf rule entry ruleid 724 ifname public dir out act accept transprot eq num 6 destport eq num 7708 seclevel  medium logtag "shares1"
create ipf rule entry ruleid 726 ifname public dir out act accept transprot eq num 6 destport eq num 7709 seclevel  medium logtag "shares2"
create ipf rule entry ruleid 728 ifname public dir out act accept transprot eq num 6 destport eq num 8601 seclevel  medium logtag "shares3"
create ipf rule entry ruleid 730 ifname public dir out act accept transprot eq num 6 destport eq num 8003 seclevel  medium logtag "shares4"
create ipf rule entry ruleid 732 ifname public dir out act accept transprot eq num 6 destport eq num 8004 seclevel  medium logtag "shares5"
create ipf rule entry ruleid 734 ifname public dir out act accept transprot eq num 6 destport eq num 8015 seclevel  medium logtag "shares6"
create ipf rule entry ruleid 740 ifname public dir out act accept transprot eq num 6 destport eq num 8000 seclevel  medium logtag "ChinaGame"
create ipf rule entry ruleid 750 ifname public dir out act accept transprot eq num 6 destport eq num 29000 seclevel  medium logtag "Perfect1"
create ipf rule entry ruleid 780 dir out destaddr eq 219.133.60.243 seclevel  medium logtag "QQ backdoor"
create ipf rule entry ruleid 800 ifname public dir out transprot eq num 6 todfrom 10:00:00 todto 22:59:00 seclevel  medium logtag "Deny TCP"
create ipf rule entry ruleid 810 ifname public dir out act accept transprot eq num 17 destport eq num 53 seclevel  medium logtag "DNS53"
create ipf rule entry ruleid 812 ifname public dir out act accept transprot eq num 17 destport eq num 123 seclevel  medium logtag "Time123"
create ipf rule entry ruleid 900 ifname public dir out transprot eq num 17 todfrom 10:00:00 todto 22:59:00 seclevel  medium logtag "Deny UDP"
modify ipf global  seclevel medium pubdefact accept dmzdefact accept
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

关闭

站长推荐上一条 /1 下一条

Archiver|小黑屋|宽带技术网 |网站地图 粤公网安备44152102000001号

相关侵权、举报、投诉及建议等,请发 E-mail:yesdong@qq.com

Powered by Discuz! X5.0 Licensed © 2001-2026 Discuz! Team.44152102000001

在本版发帖QQ客服返回顶部