Within the network now requires users against QQ, chat and online games such as software Lianzhong demand gradually increased, engineers dealt with the recent sale of a kind of business. Engineers in the process found some solutions, will now proceed to sum up, hoping for your reference. Following the analysis of these applications to 11.
First, the connection block QQ
QQ not only through the new log server UDP, TCP is also able to log. QQ in connection to the following seven first server port to send udp packets 8000.
sz.tencent.com 61.144.238.145
sz2.tencent.com 61.144.238.146
sz3.tencent.com 202.104.129.251
sz4.tencent.com 202.104.129.254
sz5.tencent.com 61.141.194.203
sz6.tencent.com 202.104.129.252
sz7.tencent.com 202.104.129.253
In connection blocking port 8000, QQ will find the 8001 through udp and tcp in the 8000,8001 ports to connect. In view of these ports now used only QQ, so you can make based on the port to block the rules.
More ports in a firewall blocking the packets and found QQ 80 and also through tcp port 443 to connect. If for these two ports to block the rules will affect the user's normal access to Internet ip address only on the server to make the rules. The experiment can be found in the following 80 and 443 port to connect the QQ server:
218.17.217.106
219.133.40.95
219.133.40.97,
219.133.40.157,
219.133.40.177,
219.133.40.73,
219.133.40.189
218.18.95.153
218.17.209.23
202.104.129.253
218.17.209.42
In response to these IP to block the rules, QQ basically can not log on.
In the study also found that, QQ install directory Config.db file, which records the QQ server address, and we found in full compliance with the above.
Therefore, use a firewall to prevent Internet users QQ, in addition to block tcp and udp in the 8000,8001 ports, and the QQ needs to block the connection to the server. Here are found in the test and be found online QQ Server IP:
61.141.194.203
61.144.238.145/146/149/155
61.172.249.135
65.54.229.253
202.96.170.164
202.104.129.151/251/252/253/254
211.157.38.38
218.17.209.23/42
218.17.217.106
218.18.95.153/165
219.133.40. 21/73/89/90/92/95/97/157/177/189 (more of this segment of the server address, consider blocking the entire network segment)
Although the above methods can play the role of the connection block QQ, but if Tencent QQ server to add new, QQ also still be able to login. In addition, third-party proxy software, such as NEC E-BORDER, and support the Socks5 proxy Anonymous was possible to go around, landing using QQ.
Second, the connection blocking MSN
MSN connection in addition to using the regular 1863 port, the port will use the 7001 and 80, as the two ports to other network services involving the application, so it can block QQ connection with the method, by blocking and MSN connection to the server, to achieve user requirements.
The following are examples found in the test server IP:
64.4.12.200/201
65.54.194.117
207.46.68.23
207.46.104.20
207.46.107.14/125
207.46.110.27/28/254
Upon inquiry, the server IP are in North America.
Likewise, Microsoft's MSN server or add new users to use a proxy, or can log on MSN.
Third, blocking the connection OurGame
Blocking the connection OurGame relatively easier to friends. When the client connect to the server, the server will first establish a connection port 2000 (61.55.138.219:2000). After the connection is established, will use the server's 1007,2001,2002,3015 port.
In the study, only the 2000 port blocked packet, the client has been unable to connect server.
4, blocking the connection Keleba
Keleba clients connect to the server, the first to open Keleba home page (www.kele8.com), re-enter the game through the Home lobby, all the rules as long as the definition of a URL, filtering address "* kele8 *" can be.