본문 바로가기
FortiGate/Security Profile

Telegram 관련 사용자 정의 Application 시그니처

by 에티버스이비티 2024. 10. 14.
  • Telegram
config application custom
  edit "telegram"
     set signature "F-SBID( --name "Telegram.Custom"; --flow from_client; --app_cat 28; --protocol tcp; --dst_port 443; --dst_addr [149.154.172.0/22,149.154.160.0/22,149.154.164.0/22,91.108.4.0/22,91.108.56.0/22,95.161.64.0/22,2001:b28:f23d::/48,2001:67c:4e8::/48];)"
     set category 23
  next
end

 

  • Telegram File Transfer
config application custom
  edit "telegram-file"
    set signature "F-SBID( --name "Telegram.FileTransfer.Custom"; --protocol tcp; --flow from_client; --dst_port 443; --seq >,23000,relative; --ack <,1000,relative; --data_size >1024; --dst_addr [149.154.172.0/22,149.154.164.0/24,91.108.56.0/24]; --pattern !"|16 03|"; --context packet; --within 2,context; --pattern !"|17 03|"; --context packet; --within 2,context; --app_cat 28; --weight 20; )"
    set category 23
  next
end


config application custom
  edit "telegram-file-download"
    set signature "F-SBID( --name "Telegram.FileTransfer.Custom2"; --protocol tcp; --flow from_server; --src_port 443; --seq >,12000,relative; --ack <,1000,relative; --data_size >1024; --src_addr [149.154.172.0/22,149.154.164.0/24,91.108.56.0/24]; --pattern !"|16 03|"; --context packet; --within 2,context; --pattern !"|17 03|"; --context packet; --within 2,context; --app_cat 28; --weight 20; )"
    set category 23
  next
end
 

config application custom
  edit "telegram-file-upload"
    set signature "F-SBID( --name "Telegram.FileTransfer.upload.Custom"; --protocol tcp; --flow from_client; --dst_port 443; --seq >,10000,relative; --ack <,1000,relative; --data_size >1024; --dst_addr [149.154.172.0/22,149.154.170.0/22,149.154.164.0/24,91.108.56.0/24,149.154.171.0/24,149.154.167.0/24]; --pattern !"|16 03|"; --context packet; --within 2,context; --pattern !"|17 03|"; --context packet; --within 2,context; --app_cat 28; --weight 20; )"
    set category 23
  next
end

댓글