How can I block some special User-agents Via IPTab

Posted 2019-04-16 11:21

Question:

I need to block packets from any source that includes some special User agents using IPTables. But I don’t want to manage it via .htaccess or Apache. Is there any way?

Answer 1:

You can do it like this:

iptables -A INPUT -p tcp --dport 80 -m string --algo bm --string "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" -j DROP


Answer 2:

Short answer: No.

Long answer: You could try something using the string match with iptables (see iptables -m string -h). However, the clients would still be able to connect to your server; the only thing you could do is interrupt the connection in the middle of the request. And if the user agent header happens to be split across multiple IP packets, you are out of luck.
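
The limitation described in Answer 2, as an added example that is not part of the original answers: a small Python model comparing a per-packet substring match with a decision made on the reassembled request. The function names, the sample request and the host example.test are constructed for illustration, and treating the string match as a search over one payload at a time is a simplifying assumption.

```python
# Added illustration: models the iptables string match as a substring search
# over one packet payload at a time (a simplification, stated as an assumption).
BLOCKED_UA = b"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

# Constructed sample request, not captured traffic.
REQUEST = (
    b"GET / HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"User-Agent: " + BLOCKED_UA + b"\r\n"
    b"Accept: */*\r\n\r\n"
)


def segment(data, boundaries):
    """Split a byte stream into TCP-like segments at the given offsets."""
    cuts = [0, *sorted(boundaries), len(data)]
    return [data[a:b] for a, b in zip(cuts, cuts[1:]) if a < b]


def per_packet_verdicts(segments, pattern=BLOCKED_UA):
    """What a per-packet matcher sees: each payload judged on its own."""
    return ["DROP" if pattern in seg else "ACCEPT" for seg in segments]


def user_agent(stream):
    """Application-layer view: parse the header from the reassembled request."""
    head = stream.split(b"\r\n\r\n", 1)[0]
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"user-agent":
            return value.strip()
    return None


def stream_verdict(segments, blocked=BLOCKED_UA):
    """Decision after reassembly, as a web server or reverse proxy makes it."""
    return "DROP" if user_agent(b"".join(segments)) == blocked else "ACCEPT"


if __name__ == "__main__":
    whole = segment(REQUEST, [])
    split = segment(REQUEST, [REQUEST.index(BLOCKED_UA) + 10])
    # The empty payload stands in for handshake packets, which carry no data.
    print("handshake + one data packet:", per_packet_verdicts([b""] + whole))
    print("header split over two packets:", per_packet_verdicts(split))
    print("decision on reassembled stream:", stream_verdict(split))
```

The first line of output shows the connection being accepted before any payload can match, and the second shows every segment passing when the header straddles a packet boundary; only the reassembled view gives a consistent verdict.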