Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Blocking Ultrasurf 14.02

    Scheduled Pinned Locked Moved Firewalling
    5 Posts 5 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Crow
      last edited by

      Hello team. I would just like to ask if we have new list of CIDR for ultrasurf 14.02. I was able to block ultrasurf until 13.04 but ultrasurf 14.02 can now connect. Thanks in advance.

      1 Reply Last reply Reply Quote 0
      • N
        Naveed Nomi
        last edited by

        can you provide me ip and cidr of streaming websites like vimeo and free lancing websites odesk.com

        1 Reply Last reply Reply Quote 0
        • P
          pepemagana
          last edited by

          Think we must make a repository of CIDR's with ultrasurf lists, facebook, youtube etc, like shalalist or kind of…
          Any volunteer?

          1 Reply Last reply Reply Quote 0
          • C
            chris4916
            last edited by

            Do you think, guys, that such approach makes sense  ???
            Wouldn't this be an already lost battle ?

            I mean IP addresses are going to be changed on very regular basis. One will need to track it.

            My understanding of Ultrasurf is quite poor for the time being but I'm thinking that if you:

            • prevent any internet access not controlled by your local proxy, obviously not in transparent mode otherwise HTTPS is not ahndled
            • deny HTTP(S) requests to any IP address (thus making URL based on FQDN mandatory)

            then it will be much more difficult for Ultrasurf to reach its external proxies.

            Next step would be to set-up Snort so that it listens to LAN interface. With the right signature, snort should be able to implement the second stage of this control.

            For sure, this is not costless in term of resources  :(

            Jah Olela Wembo: Les mots se muent en maux quand ils indisposent, agressent ou blessent.

            1 Reply Last reply Reply Quote 0
            • D
              dreamslacker
              last edited by

              @pepemagana:

              Think we must make a repository of CIDR's with ultrasurf lists, facebook, youtube etc, like shalalist or kind of…
              Any volunteer?

              There are several on the internet. Hurricane Electric amongst others.

              Do a Google search for "Facebook ASN" or "Google ASN". Check the HE result (starts with bgp.he), click on IPV4 prefixes and you'll get a list of the CIDR network ranges used.

              Unfortunately, because Youtube shares networks with Google, this method cannot be used to block Youtube without blocking Google. So you will, in this case, need to use Squid with Squidguard (or just manually enter the (sub-)domains to block).

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.