FortiGate/Security Profile
Telegram 관련 사용자 정의 Application 시그니처
에티버스이비티
2024. 10. 14. 08:59
- Telegram
config application custom
edit "telegram"
set signature "F-SBID( --name "Telegram.Custom"; --flow from_client; --app_cat 28; --protocol tcp; --dst_port 443; --dst_addr [149.154.172.0/22,149.154.160.0/22,149.154.164.0/22,91.108.4.0/22,91.108.56.0/22,95.161.64.0/22,2001:b28:f23d::/48,2001:67c:4e8::/48];)"
set category 23
next
end
- Telegram File Transfer
config application custom
edit "telegram-file"
set signature "F-SBID( --name "Telegram.FileTransfer.Custom"; --protocol tcp; --flow from_client; --dst_port 443; --seq >,23000,relative; --ack <,1000,relative; --data_size >1024; --dst_addr [149.154.172.0/22,149.154.164.0/24,91.108.56.0/24]; --pattern !"|16 03|"; --context packet; --within 2,context; --pattern !"|17 03|"; --context packet; --within 2,context; --app_cat 28; --weight 20; )"
set category 23
next
end
config application custom
edit "telegram-file-download"
set signature "F-SBID( --name "Telegram.FileTransfer.Custom2"; --protocol tcp; --flow from_server; --src_port 443; --seq >,12000,relative; --ack <,1000,relative; --data_size >1024; --src_addr [149.154.172.0/22,149.154.164.0/24,91.108.56.0/24]; --pattern !"|16 03|"; --context packet; --within 2,context; --pattern !"|17 03|"; --context packet; --within 2,context; --app_cat 28; --weight 20; )"
set category 23
next
end
config application custom
edit "telegram-file-upload"
set signature "F-SBID( --name "Telegram.FileTransfer.upload.Custom"; --protocol tcp; --flow from_client; --dst_port 443; --seq >,10000,relative; --ack <,1000,relative; --data_size >1024; --dst_addr [149.154.172.0/22,149.154.170.0/22,149.154.164.0/24,91.108.56.0/24,149.154.171.0/24,149.154.167.0/24]; --pattern !"|16 03|"; --context packet; --within 2,context; --pattern !"|17 03|"; --context packet; --within 2,context; --app_cat 28; --weight 20; )"
set category 23
next
end