5gnetnpbr
(usa Outra)
Enviado em 07/11/2015 - 15:37h
# Whatsapp Finder Script RouterOS v6.33rc33 #
# Adicione esta Parte Aqui no scheduler com Intervalo de 1 Minuto #
# O seu DNS precisa ser configurado statico, seu Gateway esta em DHCP client, vá la é desmarce a Opção do ,, use-peer-dns #
# ai vai a IP DNS é coloque o IP DNS, eu uso a Giga DNS, 189.38.95.95, 189.38.95.99 #
# se e tudo certinho esta parte do script vai rastrear qual quer pista do Whatsapp é coloquar os IP's de Destino na Lista de Endereços do Firewall #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 00:01:00 #
{
# STEP 1 set your prefered List Name here or leave it as it is #
:global lst "Whatsapp";
# Use DNS Entrys and add dst Address to the Firewall Address-list #
:foreach i in=[/ip dns cache all find where (name~"whatsapp" || name~"whatscom") && (type="A") ] do={
:local tmpAddress [/ip dns cache get $i address];
delay delay-time=10ms
# prevent script from using all cpu time #
:if ( [/ip firewall address-list find where address=$tmpAddress] = "") do={
:local cacheName [/ip dns cache get $i name] ;
:log info ("added entry: $cacheName $tmpAddress");
/ip firewall address-list add address=$tmpAddress list="$lst" comment=$cacheName;
}
}
}
# Só coloquar no New Terminal e rodar o Script, partida dai o mkt faz tudo sozinho, criar regras dynamicas no mangle, firewall filter #
# partida dai o mkt vai rastrear e bloquear tudo que tem aver com Whatsapp
# Whatsapp Blocker RouterOS v6.33rc33 #
# This here is the Version for New Terminal #
# add to Scheduler and run with Time Interval 06:00:00 #
{
# STEP 2 set your in-interface here #
# coloque aqui o nome da sua in-interface #
:local iif "minha-in-interface";
# STEP 3 set your jump target name for fw-mangle here, the same name will be the new chain or leave it as it is #
:local jt "whatsapp_mangle";
# STEP 4 set your jump rule comment here or leave it as it is #
:local jtc "Jump to Whatsapp Chain";
# STEP 5 set dst-address-here, you must get the same name which from STEP 1 or leave it as it is #
:local dal "Whatsapp";
# STEP 6 set your new-connection-mark name here or leave it as it is #
:local ncm "whats_con";
# STEP 7 determine the size in bytes here, connection is determined as valid after reaching size #
:local size "100";
# STEP 8 set your prefered connection-mark comment here or leave it as it is #
:local cmc "Whatsapp Connection";
# STEP 9 set your prefered src-address-list Name here or leave it as it is, this list will display your client IP addresses #
:local sal "Whatsapp User";
# STEP 10 set your prefered add-src-to-address-list comment here or leave it as it is #
:local sl "Whatsapp Add Src to Address List";
# STEP 11 set your own comment for drop rule, after reached Limit of STEP 7 the Malware connection will be closed #
:local mwc "Drop Whatsapp Con";
# STEP 12 set your jump target name for fw-filter here, the same name will be the new chain or leave it as it is #
:local fwf "whatsapp_chain";
# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #
# NÃO MUDE MAIS NADA ABAIXO DAQUI, SE NÃO O SCRIPT VAI QUEBRAR #
:log warning ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Removing old Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle remove [ find comment="$jtc" ];
/ip firewall mangle remove [ find comment="$cmc" ];
/ip firewall mangle remove [ find comment="$sl" ];
/ip firewall filter remove [ find comment="$jtc" ];
/ip firewall filter remove [ find comment="$mwc" ];
:log warning ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
:put ("Adding new Mangle=$jtc " . "Mangle=$cmc " . "Mangle=$sl " . "and Filter $jtc " . "else $mwc");
/ip firewall mangle
add chain="forward" protocol=tcp in-interface=$iif dst-address-list="$dal" action=jump jump-target="$jt" comment="$jtc"
add chain="$jt" protocol=tcp in-interface=$iif connection-state=established,new dst-address-list="$dal" \
action=mark-connection new-connection-mark="$ncm" connection-bytes="$size-0" passthrough=yes comment="$cmc"
add chain="$jt" dst-address-list="$dal" action=add-src-to-address-list address-list="$sal" address-list-timeout=6h \
connection-mark="$ncm" comment="$sl"
/ip firewall filter
add chain=forward protocol=tcp in-interface=$iif connection-mark="$ncm" action=jump jump-target="$fwf" comment="$jtc"
add chain="$fwf" protocol=tcp dst-port=80 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=443 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
add chain="$fwf" protocol=tcp dst-port=5222-5228 connection-mark="$ncm" action=drop dst-address-list="$dal" src-address-list="$sal" comment="$mwc"
}
# Este script aqui e do própio sistema, vai criar automaticamente as Tarefas no scheduler #
# Só Cuidado, depois de criado vai no scheduler é mude o Nome da in-interface #
# This is the version made by System, Insert to New Terminal and it generate ready schedule Rules #
# oct/27/2015 16:45:21 by RouterOS 6.33rc33 #
# software id = KPNX-1FGN #
/system scheduler
add comment="Whatsapp Finder" interval=1m name="Whatsapp Finder" on-event="# W\
hatsapp Finder Script RouterOS v6.33rc33 #\r\
\n# This here is the Version for New Terminal # \r\
\n# add to Scheduler and run with Time Interval 00:01:00 #\r\
\n{\r\
\n# STEP 1 set your prefered List Name here or leave it as it is #\r\
\n:global lst \"Whatsapp\";\r\
\n# Use DNS Entrys and add dst Address to the Firewall Address-list #\r\
\n:foreach i in=[/ip dns cache all find where (name~\"whatsapp\") && (type\
=\"A\") ] do={\r\
\n :local tmpAddress [/ip dns cache get \$i address];\r\
\ndelay delay-time=10ms\r\
\n# prevent script from using all cpu time #\r\
\n :if ( [/ip firewall address-list find where address=\$tmpAddress] = \
\"\") do={ \r\
\n :local cacheName [/ip dns cache get \$i name] ;\r\
\n :log info (\"added entry: \$cacheName \$tmpAddress\");\r\
\n /ip firewall address-list add address=\$tmpAddress list=\"\$lst\" c\
omment=\$cacheName;\r\
\n }\r\
\n }\r\
\n}" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup
add comment="Whatsapp Blocker" interval=6h name="Whatsapp Blocker" on-event="#\
\_Whatsapp Blocker RouterOS v6.33rc33 #\r\
\n# This here is the Version for New Terminal # \r\
\n# add to Scheduler and run with Time Interval 01:00:00 #\r\
\n{\r\
\n# STEP 2 set your in-interface here #\r\
\n:local iif \"bridge\";\r\
\n# STEP 3 set your jump target name for fw-mangle here, the same name wil\
l be the new chain or leave it as it is #\r\
\n:local jt \"whatsapp_mangle\";\r\
\n# STEP 4 set your jump rule comment here or leave it as it is #\r\
\n:local jtc \"Jump to Whatsapp Chain\";\r\
\n# STEP 5 set dst-address-here, you must get the same name which from STE\
P 1 or leave it as it is #\r\
\n:local dal \"Whatsapp\";\r\
\n# STEP 6 set your new-connection-mark name here or leave it as it is #\r\
\n:local ncm \"whats_con\";\r\
\n# STEP 7 determine the size in bytes here, connection is determined as v\
alid after reaching size #\r\
\n:local size \"100\";\r\
\n# STEP 8 set your prefered connection-mark comment here or leave it as i\
t is #\r\
\n:local cmc \"Whatsapp Connection\"; \r\
\n# STEP 9 set your prefered src-address-list Name here or leave it as it \
is, this list will display your client IP addresses #\r\
\n:local sal \"Whatsapp User\";\r\
\n# STEP 10 set your prefered add-src-to-address-list comment here or leav\
e it as it is #\r\
\n:local sl \"Whatsapp Add Src to Address List\";\r\
\n# STEP 11 set your own comment for drop rule, after reached Limit of STE\
P 7 the Malware connection will be closed #\r\
\n:local mwc \"Drop Whatsapp Con\";\r\
\n# STEP 12 set your jump target name for fw-filter here, the same name wi\
ll be the new chain or leave it as it is #\r\
\n:local fwf \"whatsapp_chain\";\r\
\n# DO NOT EDIT NOTHING BELOW, THIS CAN BREAK THE SCRIPT !!! #\r\
\n:log warning (\"Removing old Mangle=\$jtc \" . \"Mangle=\$cmc \" . \
\"Mangle=\$sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\
\n:put (\"Removing old Mangle=\$jtc \" . \"Mangle=\$cmc \" . \"Mangle=\
\$sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\
\n/ip firewall mangle remove [ find comment=\"\$jtc\" ];\r\
\n/ip firewall mangle remove [ find comment=\"\$cmc\" ];\r\
\n/ip firewall mangle remove [ find comment=\"\$sl\" ];\r\
\n/ip firewall filter remove [ find comment=\"\$jtc\" ];\r\
\n/ip firewall filter remove [ find comment=\"\$mwc\" ];\r\
\n:log warning (\"Adding new Mangle=\$jtc \" . \"Mangle=\$cmc \" . \"M\
angle=\$sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\
\n:put (\"Adding new Mangle=\$jtc \" . \"Mangle=\$cmc \" . \"Mangle=\$\
sl \" . \"and Filter \$jtc \" . \"else \$mwc\");\r\
\n/ip firewall mangle\r\
\nadd chain=\"forward\" protocol=tcp in-interface=\$iif action=jump jump-t\
arget=\"\$jt\" comment=\"\$jtc\"\r\
\nadd chain=\"\$jt\" protocol=tcp in-interface=\$iif connection-state=esta\
blished,new dst-address-list=\"\$dal\" \\ \r\
\naction=mark-connection new-connection-mark=\"\$ncm\" connection-bytes=\"\
\$size-0\" passthrough=yes comment=\"\$cmc\"\r\
\nadd chain=\"\$jt\" dst-address-list=\"\$dal\" action=add-src-to-address-\
list address-list=\"\$sal\" address-list-timeout=6h \\ \
\_ \r\
\nconnection-mark=\"\$ncm\" comment=\"\$sl\"\r\
\n/ip firewall filter\r\
\nadd chain=forward protocol=tcp in-interface=\$iif connection-mark=\"\$nc\
m\" action=jump jump-target=\"\$fwf\" comment=\"\$jtc\"\r\
\nadd chain=\"\$fwf\" protocol=tcp dst-port=80 connection-mark=\"\$ncm\" a\
ction=drop dst-address-list=\"\$dal\" src-address-list=\"\$sal\" comment=\
\"\$mwc\"\r\
\nadd chain=\"\$fwf\" protocol=tcp dst-port=443 connection-mark=\"\$ncm\" \
action=drop dst-address-list=\"\$dal\" src-address-list=\"\$sal\" comment=\
\"\$mwc\"\r\
\nadd chain=\"\$fwf\" protocol=tcp dst-port=5222-5228 connection-mark=\"\$\
ncm\" action=drop dst-address-list=\"\$dal\" src-address-list=\"\$sal\" co\
mment=\"\$mwc\"\r\
\n}\r\
\n\r\
\n\r\
\n\r\
\n" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
start-time=startup