Siamcafe.net ClearOs Linux Sme
Pages: 1
¼ÁÍÂÒ¡ä´é rc.Firewall µÑǹÕéÍФѺ By: ujang Date: ¹ 03, 2012, 10:50:41 PM
¾Í´Õ¼ÁªÍº Firewall µÑǹÕéÁÒ¡æÁѹãªé´Õ¹Ð¤Ñºáµè¾Í´Õªèǧ¹ÕéÁѹàÍèÍæ àÅÂÍÂÒ¡ä´éµÑÇ Origi  ÍèҤѺ


ËÃ×ÍäÁè¡ç´ÙãËé·Õ¤Ñº Áѹ仼Դ¾ÅÒ´ÍÐäõçä˹ ¾Í´Õfirewall ÁѹäÁè·Ó§Ò¹àͧÁѹ Failed ·Ø¡¤ÃÑé§àÅ ¼Áµéͧà¢éÒä»ã¹ Putty áÅéǾÔÁ¤ÓÊÑè§ service firewall restart ·Ø¡¤ÃÑé§àÅ Áѹ¶Ö§¨Òãªéä´é áÅéÇ¡çàÇÅÒà¹çµµÑ´ à¹çµÍÕ¡àÊé¹Áѹ¨Ðä»ÃÇÁ¡Ñ¹¤×Í firewall Áѹ¨ÐäÁè·Ó§Ò¹ auto ¼ÁµéͧÊÑè§Áѹàͧ·Ø¡¤ÃÑ駷Õèà¹çµµÑ´ÍèҤѺ  002 ú¡Ç¹Ë¹è͹ФѺ  002 002 002




# ----- 3 WANs By Mr.X

# ----- change to you local IP



Lan="192.168.1.251/16"

Games="MULTIWAN_ppp0"

Net="MULTIWAN_ppp1"

Any="0.0.0.0/0"

E="eth1"

# ----- start fwmark

# ----- finding pppX address gateway

eth1_addr=`ifconfig | grep -A1 eth1 | tail -1 | cut -d : -f 2 | cut -f 1 -d " "`

ppp0_addr=`ifconfig | grep -A1 ppp0 | tail -1 | cut -d : -f 2 | cut -f 1 -d " "`

ppp1_addr=`ifconfig | grep -A1 ppp1 | tail -1 | cut -d : -f 2 | cut -f 1 -d " "`

ppp2_addr=`ifconfig | grep -A1 ppp2 | tail -1 | cut -d : -f 2 | cut -f 1 -d " "`

ppp3_addr=`ifconfig | grep -A1 ppp3 | tail -1 | cut -d : -f 2 | cut -f 1 -d " "`

ppp4_addr=`ifconfig | grep -A1 ppp4 | tail -1 | cut -d : -f 2 | cut -f 1 -d " "`



ppp0_gw=`ip route | grep ppp0 | head -1 | cut -f 1 -d " "`

ppp1_gw=`ip route | grep ppp1 | head -1 | cut -f 1 -d " "`

ppp2_gw=`ip route | grep ppp2 | head -1 | cut -f 1 -d " "`

ppp3_gw=`ip route | grep ppp3 | head -1 | cut -f 1 -d " "`

ppp4_gw=`ip route | grep ppp4 | head -1 | cut -f 1 -d " "`



# Flush and rebuild rule for table 250 ( load balance )

ip route flush cache

ip route replace table 250 default proto static nexthop via $ppp1_gw dev ppp1 weight 1


# ----- Squid

if [ -f /var/run/squid.pid ]; then

iptables -t nat -D PREROUTING -i $E -p tcp -s $Lan -d $Any -m multiport --destination-port 80,5977 -j REDIRECT --to-port 3128 > /dev/null

iptables -t nat -A PREROUTING -i $E -p tcp -s $Lan -d $Any -m multiport --destination-port 80,5977 -j REDIRECT --to-port 3128

# CSO

iptables -t nat -D PREROUTING -i $E -p tcp -d 202.43.33.122 --dport 9898 -j REDIRECT --to-port 3128 > /dev/null

iptables -t nat -A PREROUTING -i $E -p tcp -d 202.43.33.122 --dport 9898 -j REDIRECT --to-port 3128

iptables -t nat -D OUTPUT -o $E -p tcp -d 202.43.33.122 --dport 80 -j DNAT --to 202.43.33.122:9898 > /dev/null

iptables -t nat -A OUTPUT -o $E -p tcp -d 202.43.33.122 --dport 80 -j DNAT --to 202.43.33.122:9898

# bypass

iptables -t nat -D PREROUTING -i $E -p tcp  -d 210.1.58.32 -m multiport --destination-port 80 -j ACCEPT > /dev/null

iptables -t nat -I PREROUTING -i $E -p tcp  -d 210.1.58.32 -m multiport --destination-port 80 -j ACCEPT

iptables -t nat -D PREROUTING -i $E -p tcp  -d icafe.gg.in.th -m multiport --destination-port 80 -j ACCEPT > /dev/null

iptables -t nat -I PREROUTING -i $E -p tcp  -d icafe.gg.in.th -m multiport --destination-port 80 -j ACCEPT

iptables -t nat -D PREROUTING -i $E -p tcp  -d netcafe.ini3.co.th -m multiport --destination-port 80 -j ACCEPT > /dev/null

iptables -t nat -I PREROUTING -i $E -p tcp  -d netcafe.ini3.co.th -m multiport --destination-port 80 -j ACCEPT

iptables -t nat -D PREROUTING -i $E -p tcp  -d ccpi.winner.co.th -m multiport --destination-port 80 -j ACCEPT > /dev/null

iptables -t nat -I PREROUTING -i $E -p tcp  -d ccpi.winner.co.th -m multiport --destination-port 80 -j ACCEPT

iptables -t nat -D PREROUTING -i $E -p tcp  -d redstone.vplay.in.th -m multiport --destination-port 80 -j ACCEPT > /dev/null

iptables -t nat -I PREROUTING -i $E -p tcp  -d redstone.vplay.in.th -m multiport --destination-port 80 -j ACCEPT

fi






# ----- Msn Yahoo Icq Irc

if [ -f /var/run/imspector.pid ]; then

iptables -t nat -D PREROUTING -i $E -p tcp -m multiport --destination-port 1863,6667,5050,5190 -j REDIRECT --to-port 16667 > /dev/null

iptables -t nat -A PREROUTING -i $E -p tcp -m multiport --destination-port 1863,6667,5050,5190 -j REDIRECT --to-port 16667

fi


#### Mark Games To Gameline 1 ####

ipls=(

#----------- Asiasoft -----------

203.144.166.0/24   #-->>Dekaron

203.144.223.0/24   #-->>Cabal

122.155.11.0/24 #-->>Cabal Patch Server,Ro Server

122.155.10.0/24 #-->>Ro Server

61.90.227.0/24   #-->>Maple

203.144.137.0/24   #-->>Ts

203.144.244.0/24   #-->>Ge

203.144.132.0/24   #-->> Yulgang ,Richman,Wffm ,Summoner ,Ge

203.144.130.0/24   #-->>GhostOnline, SuddenAttack

203.144.179.0/24   #-->>Yulgang

#----------- Playpark -----------

203.144.179.0/24   #-->>Freestyl s

61.90.227.0/24   #-->>Audition

#----------- PlayPlusGames -----------

210.86.180.0/24   #-->>Getamped

203.113.10.0/24   #-->>Talesrunner

61.47.6.0/24   #-->>Darkstory

61.90.252.0/24   #-->>Linage2

202.43.34.0/24   #-->>Luna

61.90.203.0/24   #-->>Special force

61.47.57.0/24   #-->>Pvp

58.97.46.0/24   #-->>Hipstreet

61.91.72.0/24   #-->>PointBlank

110.164.183.0/24   #-->>Raycity

61.91.68.0/24   #-->>Fifa2

158.39.49.0/24   #-->>Fifa2   

159.153.186.0/24   #-->>Fifa2

61.91.69.0/24   #-->>KartRider

58.147.89.0/24   #-->>Zone4

203.113.10.0/24   #-->>Wedo

202.43.36.0/24   #-->>Ex3

61.91.226.0/24   #-->>Karma

#----------- Winner games -----------

202.43.33.0/24   #-->>Ryl,Superdance,Ace

202.43.35.0/24   #-->>Xshot,Zero,Cso,SealPlus,Ace

202.170.113.0/24  #-->>RF-Online

#----------- CubizoneGames -----------

61.91.123.0/24   #-->>Q-World

61.91.122.0/24   #-->>ZhuXian,DriftStreet,Nostale

# ----- Ini3 games

58.64.24.0/24   #-->> Pangya ,FantaTennis

#----------- Onnud20Games -----------

202.43.35.0/24   #-->>9hero

202.170.121.0/24   #-->>Sixsaint

202.170.121.0/24   #-->>Ws

#----------- InterGames -----------

217.110.102.0/24   #-->>S4league

64.93.83.0/24   #-->>dekaron

125.211.204.0/24   #-->>Gundam

210.48.144.0/24   #-->>WS

116.211.29.0/24   #-->>AionOnline

#----------- Funbox -----------

61.47.6.0/24   #-->>Hyo1

61.47.39.0/24   #-->>Hyo2

122.155.2.0/24   #-->>FunboxGame

#----------- TCGNetworkServer -----------

210.86.182.0/24   #-->>DotA

210.86.186.0/24   #-->>DotA

122.155.12.0/24   #-->>TCGNetworkServer

203.144.224.0/24   #-->>TCGNetworkServer

61.91.127.0/24   #-->>TCGNetworkServer

61.19.241.0/24   #-->>TCGNetworkServer

#----------- Other Server -----------

61.91.127.0/24   #-->Eco

61.90.198.0/24   #-->>Laghaim

61.19.255.41   #-->>N-age

118.129.147.0/24   #-->>Seal

203.146.215.0/24   #-->>rag

203.150.228.0/24   #-->>COD4

202.142.207.140   #-->>GamesWeb

210.1.31.43   #-->> RFonline-Other ,GunBound

203.146.140.0/24   #-->>ro-sky.com

#----------- IP Bonus -----------

secure1.asiasoft.co.th   #-->>AsiasoftCafe

secure2.asiasoft.co.th   #-->>AsiasoftCafe

secure3.asiasoft.co.th   #-->>AsiasoftCafe

secure4.asiasoft.co.th   #-->>AsiasoftCafe

ccpi.winner.co.th   #-->>Winner

netcafe.ini3.co.th   #-->>Ini3Cafe

122.155.2.0/24   #-->>FunBox

202.142.207.0/24   #-->>CyberCafe

ip-game-plus.truefaster.com   #-->>TRueFaster.com IP-Bonus

proxy-inter-1.truefaster.com   #-->>TRueFaster.com Proxy VPN Inter Server 1 + IP-Bonus

proxy-inter-2.truefaster.com   #-->>TRueFaster.com Proxy VPN Inter Server 2 + IP-Bonus

proxy-only.truefaster.com   #-->>TRueFaster.com server VPN Proxy Only

icafe.gg.in.th

redstone.vplay.in.th

119.46.128.0/24   #-->> Rohan IP



)

for ipl in ${ipls
do

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p all -d $ipl -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p all -d $ipl -j $Games

done

# Easycash IPBonus web bypass to game line

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d easycash.in.th --destination-port 80 -j ACCEPT > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d easycash.in.th --destination-port 80 -j ACCEPT

# icafe.gg.in.th IPBonus web bypass to game line

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d icafe.gg.in.th --destination-port 80 -j ACCEPT > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d icafe.gg.in.th --destination-port 80 -j ACCEPT

# Ini3 IPBonus web bypass to game line

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d netcafe.ini3.co.th --destination-port 80 -j ACCEPT > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d netcafe.ini3.co.th --destination-port 80 -j ACCEPT

# Winner IPBonus web bypass to game line

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d ccpi.winner.co.th --destination-port 80 -j ACCEPT > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d ccpi.winner.co.th --destination-port 80 -j ACCEPT

# VCafe IPBonus web bypass to game line

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d redstone.vplay.in.th --destination-port 80 -j ACCEPT > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d redstone.vplay.in.th --destination-port 80 -j ACCEPT


# Tread some port To Net Line

portnetls=(

20:25

80

110

443

554

1863

1935

2009

3389

5050

5190

5977

6001

6005

6667

8021

8080

9098

9770

9898

)

for portnet in ${portnetls
do

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any --destination-port $portnet -j $Net > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any --destination-port $portnet -j $Net

done

# Camfrog ( Mark Camfrog To Net Line )

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p udp -d $Any -m multiport --source-port 5000:15000 -j $Net > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p udp -d $Any -m multiport --source-port 5000:15000 -j $Net


# P2P

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p all -d $Any -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j $Net > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p all -d $Any -m ipp2p --kazaa --gnu --edk --dc --bit --apple --soul --winmx --ares -j $Net



# Dns ( Mark Domain name server to Net Line )

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any --destination-port 53 -j $Net > /dev/null

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p udp -d $Any --destination-port 53 -j $Net > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any --destination-port 53 -j $Net

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p udp -d $Any --destination-port 53 -j $Net


# Fifa 2

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d 61.91.68.0/24 -m multiport --destination-port 443,1863,6215,6216,6316 -j $Games > /dev/null

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p udp -d 61.91.68.0/24 -m multiport --destination-port 32768:65535 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d 61.91.68.0/24 -m multiport --destination-port 443,1863,6215,6216,6316 -j $Games

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p udp -d 61.91.68.0/24 -m multiport --destination-port 32768:65535 -j $Games



# Cre Games2 ( All With GG )

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any -m multiport --source-port 1513:1514,7001:7255,8687:8688 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any -m multiport --source-port 1513:1514,7001:7255,8687:8688 -j $Games



# Join Games2 ( All With GG )

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any -m multiport --destination-port 1513:1514,6006:6255,7000:7255,8687:8688 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any -m multiport --destination-port 1513:1514,6006:6255,7000:7255,8687:8688 -j $Games



# Steam ( all games with steam )

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any -m multiport --destination-port 27020:27050 -j $Games > /dev/null

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p udp -d $Any -m multiport --destination-port 27000:27020 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d $Any -m multiport --destination-port 27020:27050 -j $Games

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p udp -d $Any -m multiport --destination-port 27000:27020 -j $Games


# IPBONUS ( Mark IPBONUS to Games Line )

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure1.asiasoft.co.th --destination-port 443 -j $Games > /dev/null

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure2.asiasoft.co.th --destination-port 443 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure1.asiasoft.co.th --destination-port 443 -j $Games

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure2.asiasoft.co.th --destination-port 443 -j $Games

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure3.asiasoft.co.th --destination-port 443 -j $Games > /dev/null

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure4.asiasoft.co.th --destination-port 443 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure3.asiasoft.co.th --destination-port 443 -j $Games

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d secure4.asiasoft.co.th --destination-port 443 -j $Games


# Karma Login IPbonus Playplus mark To game Line

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d karma-logon.gg.in.th --destination-port 11201 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d karma-logon.gg.in.th --destination-port 11201 -j $Games


# IPBONUS ( Easycash )

iptables -t mangle -D MULTIWAN_MARK -i $E -s $Lan -p tcp -d easycash.in.th --destination-port 443 -j $Games > /dev/null

iptables -t mangle -A MULTIWAN_MARK -i $E -s $Lan -p tcp -d easycash.in.th --destination-port 443 -j $Games



Network by siamcafe.net | Memory server MemoryToday.com |Tuned by  | Special thanks Tdelphi  

copyright©2001 siamcafe.net allrights reserve