Blocking Tor Browser on Juniper SRX

SOURCE: http://www.mustbegeek.com/block-tor-application-in-juniper-srx/
Copy the IPs from:
http://torstatus.blutmagie.de/ip_list_all.php/Tor_ip_list_ALL.csv
https://www.dan.me.uk/torlist/
Download my Excel file and paste those IPs into cell A1:
https://mega.co.nz/#!dFsAnDIT!9c6G42zTHtKOkNW7GsgbFK-jKfaXd4hRU35eFjeQTUo
Remove duplicate entries by selecting columns A and B, then click the DATA menu and click the Remove Duplicates button.
Copy all the IPs in column B.

-create prefix-list TOR-LIST
# edit policy-options prefix-list TOR-LIST
# load merge terminal relative
[Type ^D at a new line to end input]
paste all IPs from Excel here
Control-D

-create firewall filter BLOCK-TOR
# top edit firewall filter BLOCK-TOR
# set term TOR-LIST from source-prefix-list TOR-LIST
# set term TOR-LIST then syslog discard
# set term ALLOW-REST then accept

-add the BLOCK-TOR filter to the internet-facing interface
# top set interfaces ge-0/0/0.0 family inet filter input BLOCK-TOR
# commit
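
The list-preparation step (merge the two downloads, remove duplicates, paste into TOR-LIST) can also be scripted. The following is an added example, not part of the original post: it merges the lists, drops duplicates and anything that is not a usable public IPv4 host address, and returns lines to paste at the "load merge terminal relative" prompt. The function name, the sample addresses and the "a.b.c.d/32;" output format are assumptions.

```python
import ipaddress

# RFC 1918 ranges: a bad or tampered list entry here would block internal hosts.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def build_prefix_list(*sources):
    """Merge downloaded IP lists into Junos prefix-list lines.

    Returns (lines, rejected): lines are sorted, de-duplicated "a.b.c.d/32;"
    entries; rejected holds every input entry that was not used.
    """
    keep, rejected = set(), []
    for text in sources:
        for raw in text.splitlines():
            entry = raw.strip().strip('",; ')
            if not entry or entry.startswith("#"):
                continue
            try:
                addr = ipaddress.ip_address(entry)
            except ValueError:
                rejected.append(entry)          # header row, HTML error page, etc.
                continue
            if (addr.version != 4               # the filter is family inet only
                    or addr.is_loopback or addr.is_multicast
                    or addr.is_unspecified or addr.is_link_local
                    or any(addr in net for net in INTERNAL)):
                rejected.append(entry)
                continue
            keep.add(addr)
    return [f"{a}/32;" for a in sorted(keep)], rejected

# Constructed sample input (documentation addresses, not real Tor nodes).
LIST_A = "198.51.100.7\n203.0.113.20\n192.0.2.15\n"
LIST_B = '# comment\n203.0.113.20\n"192.0.2.15",\n2001:db8::1\n10.0.0.5\nnot-an-ip\n'

if __name__ == "__main__":
    lines, rejected = build_prefix_list(LIST_A, LIST_B)
    print("\n".join(lines))
    print(f"# {len(lines)} prefixes, {len(rejected)} rejected: {rejected}")
```

Review the rejected entries before pasting: a long rejected list usually means a download returned an error page instead of the IP list.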
