{"id":853,"date":"2010-03-13T00:22:53","date_gmt":"2010-03-12T16:22:53","guid":{"rendered":"http:\/\/www.impjq.net\/blog\/2010\/03\/13\/gentoo%e4%b8%8a%e4%bd%bf%e7%94%a8%e2%80%9c%e8%a5%bf%e5%8e%a2%e8%ae%a1%e5%88%92%e2%80%9d-west-chamber\/"},"modified":"2010-03-13T00:22:53","modified_gmt":"2010-03-12T16:22:53","slug":"gentoo%e4%b8%8a%e4%bd%bf%e7%94%a8%e8%a5%bf%e5%8e%a2%e8%ae%a1%e5%88%92-west-chamber","status":"publish","type":"post","link":"https:\/\/pjq.me\/?p=853","title":{"rendered":"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)"},"content":{"rendered":"

Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)<\/a>Technorati Tags: GFW<\/a>, \u897f\u53a2\u8ba1\u5212<\/a>, Gentoo<\/a>, west-chamber<\/a>, iptables<\/a><\/p>\n

\u8fd9\u91cc\u662f\u6b64\u9879\u8ba1\u5212\u7684\u8bf4\u660e\uff1a
\nhttp:\/\/code.google.com\/p\/scholarzhang\/wiki\/README<\/a><\/p>\n

\u6b64\u9879\u8ba1\u5212\u4e00\u51fa\u7acb\u523b\u5728\u7f51\u7edc\u4e0a\uff0c\u5f15\u8d77\u4e86\u8f70\u52a8\uff0c\u5230\u5904\u90fd\u662f\u5173\u4e8e\u5b83\u7684\u8ba8\u8bba\u3002
\n\u6211\u4e5f\u5bf9\u8fd9\u4e2a\u5f88\u597d\u5947\uff0c\u60f3\u65e9\u70b9\u770b\u4e00\u4e0b\u8fd9\u4e2a\u5230\u5e95\u662f\u4ec0\u4e48\u4e1c\u897f\u3002
\n
\n\u4e0b\u9762\u7b80\u8981\u8bb0\u8ff0\u4e00\u4e0b\u6211\u5b89\u88c5\u7684\u8fc7\u7a0b\u548c\u9047\u5230\u7684\u4e00\u4e9b\u95ee\u9898\uff1a
\n1.\u4e0b\u8f7d
\nhttp:\/\/scholarzhang.googlecode.com\/files\/west-chamber-0.0.1.tar.gz<\/a><\/p>\n

2.\u5b89\u88c5
\nhttp:\/\/code.google.com\/p\/scholarzhang\/wiki\/INSTALL<\/a>\u5b89\u88c5\u8bf4\u660e\u4e2d\u6709\u5982\u4e0b\u8bf4\u660e\uff1a<\/p>\n

\niptables >= 1.4.3\nkernel >= 2.6.17 (>= 2.6.18.5 if 2.6.18.x)\n- CONFIG_NF_CONNTRACK or CONFIG_IP_NF_CONNTRACK\n- CONFIG_NF_CONNTRACK_MARK or CONFIG_IP_NF_CONNTRACK_MARK enabled =y or as module (=m)\n<\/pre>\n
\uff081\uff09\u5728\u5b9e\u9645\u7684\u5b89\u88c5\u8fc7\u7a0b\u4e2d\uff0c\u6709\u9047\u5230iptables\u7248\u672c\u4e0d\u5bf9\uff0cmatch-set\u4e0d\u5b58\u5728\u7684\u9519\u8bef\uff0c\u53ea\u597d\u5c06iptables \u5347\u7ea7\u5230\u65b0\u7248\u672c\u3002
\n\u76ee\u524d\u6211\u7684\u7248\u672c\uff1a<\/p>\n
\ngentoo-pjq xtables # iptables --version\niptables v1.4.7\n<\/pre>\n
\uff082\uff09\u8fd8\u6709\u5c31\u662fipset\u7684\u7248\u672c\u4e0d\u5bf9\uff1a<\/p>\n
\ngentoo-pjq examples # ipset -R \n
\u6240\u4ee5\u53c8\u6709\u5347\u7ea7ipset\uff1a<\/p>\n
\n autounmask net-firewall\/ipset-4.2\nemerge ipset\n<\/pre>\n
(3)\u6253\u5f00\u76f8\u5173\u5185\u6838\u9009\u9879\uff1a
\n\u60f3\u529e\u6cd5\u627e\u5230\u4e0b\u97624\u4e2a\u5185\u6838\u9009\u9879\u6253\u5f00\uff0c\u5e76\u7f16\u8bd1\u8fdb\u5185\u6838\uff1a<\/p>\n
\nNF_CONNTRACK\nNF_CONNTRACK_MARK\nNETFILTER_XT_MATCH_STATE\nIP_NF_FILTER\n<\/pre>\n
\u8be6\u7ec6\u7684\u8ba8\u8bba\u5728\u8fd9\u91cc\uff1a
\nhttp:\/\/code.google.com\/p\/scholarzhang\/issues\/detail?id=10<\/a><\/p>\n
\u5982\u679c\u6ca1\u6709\u6253\u5f00\u8fd9\u4e9b\u9009\u9879\uff0c\u53ef\u80fd\u4f1a\u9047\u5230\u7c7b\u4f3c\u4e8e\u4e0b\u9762\u7684\u9519\u8bef\uff1a<\/p>\n
\ngentoo-pjq examples # iptables -A INPUT -p udp --sport 53 -m state --state ESTABLISHED -m gfw -j DROP -m comment --comment \"drop gfw dns hijacks\"\niptables: No chain\/target\/match by that name.\n<\/pre>\n
\u76f8\u5173\u5185\u6838\u9009\u9879\u622a\u56fe\u5728\u8fd9\u91cc\uff1a
\nhttp:\/\/www.flickr.com\/photos\/pengjianqing\/4426415799\/<\/a><\/p>\n
\"2010-03-11-231416_1247x855_scrot\"<\/a><\/p>\n
\"2010-03-11-231405_1251x858_scrot\"<\/a><\/p>\n
\"2010-03-11-231424_1249x851_scrot\"<\/a><\/p>\n
\"2010-03-12-211205_800x747_scrot\"<\/a><\/p>\n
\uff084\uff09\u5982\u679c\u4e0a\u9762\u90fd\u505a\u8fc7\u4e86\u6ca1\u6709\u95ee\u9898\uff0c\u5c31\u53ef\u4ee5\u7528\u6e90\u7801\u7f16\u8bd1\u5b89\u88c5\u4e86<\/p>\n
\n$ .\/autogen.sh\n$ CFLAGS=\"\" .\/configure --prefix=\/usr\n$ make\n# make install\n<\/pre>\n
\uff085\uff09\u624b\u52a8\u62f7\u8d1d\u51e0\u4e2aSO\u6587\u4ef6<\/p>\n
\ncp extensions\/libxt_ZHANG.so \/lib\/xtables\/libipt_ZHANG.so\ncp extensions\/libxt_CUI.so \/lib\/xtables\/libipt_CUI.so\ncp extensions\/libxt_gfw.so \/lib\/xtables\/libipt_gfw.so\n<\/pre>\n
\u8981\u4e0d\u7136\u4f1a\u51fa\u73b0\u7c7b\u4f3c\u4e8e\u4e0b\u9762\u8fd9\u6837\u7684\u9519\u8bef\uff1a<\/p>\n
\ngentoo-pjq examples # iptables -A INPUT -p tcp --sport 80 --tcp-flags FIN,SYN,RST,ACK SYN,ACK -m state --state ESTABLISHED -m set --match-set NOCLIP src -j ZHANG\niptables v1.4.7: Couldn't load target `ZHANG':\/lib\/xtables\/libipt_ZHANG.so: cannot open shared object file: No such file or directory\n<\/pre>\n
3\u3002\u4f7f\u7528
\n\u6309\u7167\u5b83\u7684\u4f7f\u7528\u8bf4\u660e\uff1a
\nhttp:\/\/code.google.com\/p\/scholarzhang\/wiki\/USAGE<\/a><\/p>\n
\n# cd examples\n# ipset -R < YOUTUBE\n# ipset -R < GOOGLE\n# ipset -R < NOCLIP\n# iptables -A INPUT -p tcp --sport 80 --tcp-flags FIN,SYN,RST,ACK SYN,ACK -m state --state ESTABLISHED -m set --match-set NOCLIP src -j ZHANG\n# iptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -m gfw -j LOG --log-level info --log-prefix \"gfw: \"\n# iptables -A INPUT -p udp --sport 53 -m state --state ESTABLISHED -m gfw -j DROP\n# echo nameserver 8.8.8.8 > \/etc\/resolv.conf\n<\/pre>\n
\u5982\u679c\u4e0d\u60f3\u6bcf\u6b21\u90fd\u628a\u8fd9\u4e9b\u547d\u4ee4\u6572\u4e00\u904d\uff0c\u628a\u5b83\u4eec\u90fd\u6254\u5230\u4e00\u4e2a\u811a\u672c\u91cc\uff1a<\/p>\n
\npjq@gentoo-pjq ~\/Downloads\/west-chamber-0.0.1\/examples $ cat startwest.sh\n#!\/bin\/bash\n\necho \"ipset -R < YOUTUBE\"\nipset -R < YOUTUBE\n\necho \"ipset -R < GOOGLE\"\nipset -R < GOOGLE\n\necho \"ipset -R < CHINA\"\nipset -R < CHINA\n\necho \"ipset -R < NOCLIP\"\nipset -R < NOCLIP\n\necho \"iptables -A INPUT -p tcp --sport 80 --tcp-flags FIN,SYN,RST,ACK SYN,ACK -m state --state ESTABLISHED -m set --match-set NOCLIP src -j ZHANG\"\niptables -A INPUT -p tcp --sport 80 --tcp-flags FIN,SYN,RST,ACK SYN,ACK -m state --state ESTABLISHED -m set --match-set NOCLIP src -j ZHANG\n\necho \"iptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -m gfw -j LOG --log-level info --log-prefix \"gfw: \"\"\niptables -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -m gfw -j LOG --log-level info --log-prefix \"gfw: \"\n\necho \"iptables -I INPUT -p tcp --sport 80 -m state --state ESTABLISHED -m gfw -j DROP\"\niptables -I INPUT -p tcp --sport 80 -m state --state ESTABLISHED -m gfw -j DROP\n\necho \"iptables -A INPUT -p udp --sport 53 -m state --state ESTABLISHED -m gfw -j DROP\"\niptables -A INPUT -p udp --sport 53 -m state --state ESTABLISHED -m gfw -j DROP\n\necho \"echo \"nameserver 8.8.8.8\" >\/etc\/resolv.conf\"\necho \"nameserver 8.8.8.8\" >\/etc\/resolv.conf\npjq@gentoo-pjq ~\/Downloads\/west-chamber-0.0.1\/examples $\n\n<\/pre>\n
4.\u5982\u679c\u5728\u4f7f\u7528iptables\u8bbe\u7f6e\u89c4\u5219\u7684\u65f6\u5019\u6ca1\u51fa\u73b0\u4ec0\u4e48\u95ee\u9898\uff0c
\n\u90a3\u5c31\u5e94\u8be5\u8bbe\u7f6e\u6210\u529f\u4e86\uff0c\u53ef\u4ee5\u67e5\u770b\u4e00\u4e0b\uff0c
\n\u5e94\u8be5\u53ef\u4ee5\u770b\u5230\u7c7b\u4f3c\u4e8e\u4e0b\u9762\u7684\u7ed3\u679c\uff1a<\/p>\n
\ngentoo-pjq xtables # iptables -L\nChain INPUT (policy ACCEPT)\ntarget     prot opt source               destination\nDROP       tcp  --  anywhere             anywhere            tcp spt:http state ESTABLISHED gfw\nDROP       tcp  --  anywhere             anywhere            tcp spt:http state ESTABLISHED gfw\nDROP       tcp  --  anywhere             anywhere            tcp spt:http state ESTABLISHED gfw\nZHANG      tcp  --  anywhere             anywhere            tcp spt:http flags:FIN,SYN,RST,ACK\/SYN,ACK state ESTABLISHED match-set NOCLIP src\nDROP       udp  --  anywhere             anywhere            udp spt:domain state ESTABLISHED gfw\nZHANG      tcp  --  anywhere             anywhere            tcp spt:http flags:FIN,SYN,RST,ACK\/SYN,ACK state ESTABLISHED match-set NOCLIP src\nLOG        tcp  --  anywhere             anywhere            tcp spt:http state ESTABLISHED gfw LOG level info prefix `gfw: '\nDROP       udp  --  anywhere             anywhere            udp spt:domain state ESTABLISHED gfw\nZHANG      tcp  --  anywhere             anywhere            tcp spt:http flags:FIN,SYN,RST,ACK\/SYN,ACK state ESTABLISHED match-set NOCLIP src\nLOG        tcp  --  anywhere             anywhere            tcp spt:http state ESTABLISHED gfw LOG level info prefix `gfw: '\nDROP       udp  --  anywhere             anywhere            udp spt:domain state ESTABLISHED gfw\nZHANG      tcp  --  anywhere             anywhere            tcp spt:http flags:FIN,SYN,RST,ACK\/SYN,ACK state ESTABLISHED match-set NOCLIP src\nLOG        tcp  --  anywhere             anywhere            tcp spt:http state ESTABLISHED gfw LOG level info prefix `gfw: '\nDROP       udp  --  anywhere             anywhere            udp spt:domain state ESTABLISHED gfw\n\nChain FORWARD (policy ACCEPT)\ntarget     prot opt source               destination\n\nChain OUTPUT (policy ACCEPT)\ntarget     prot opt source               destination\ngentoo-pjq xtables #\n\n<\/pre>\n
5.\u5982\u679c\u4e00\u5207\u987a\u5229\uff0c\u53ef\u4ee5\u6d4b\u8bd5\u7f51\u9875\u4e86\u3002
\n\u5f88\u90c1\u95f7\u7684\u662f\uff0c\u6211\u8fd8\u662f\u4e0d\u80fd\u6253\u5f00youtube.com,\u4f46\u53ef\u4ee5\u6253\u5f00facebook.com,\u597d\u50cf\u53ea\u6709\u4e00\u6b21\u6253\u5f00\u4e86youtube.com,\u4e4b\u540e\u5c31\u6ca1\u6253\u5f00\u8fc7\u4e86\uff0c\u4f46facebook\u4e00\u76f4\u53ef\u4ee5\u6253\u5f00\u7684\u3002
\n\u611f\u89c9\u73b0\u5728\u201c\u897f\u53a2\u8ba1\u5212\u201d\u73b0\u5728\u8fd8\u4e0d\u662f\u592a\u7a33\u5b9a\u3002\u5f88\u591a\u529f\u80fd\u8fd8\u6709\u5f85\u5b8c\u5584\u3002<\/p>\n
\u4f46\u8fd8\u662f\u975e\u5e38\u611f\u8c22\u4f5c\u8005\u7684\u52aa\u529b\uff0c\u8ba9\u6211\u4eec\u770b\u5230\u4e86\u4e00\u4e9b\u5e0c\u671b\uff0c\u5e0c\u671b\u201c\u897f\u53a2\u8ba1\u5212\u201d\u80fd\u591f\u65e5\u81fb\u5b8c\u5584\uff0c\u8d8a\u6765\u8d8a\u5f3a\u5927\uff0c\u81ea\u7531\u7ffb\u8d8aGFW\uff0c<\/p>\n
\u76ee\u524d\u5728Gentoo\u4e0a\u8fd8\u6709\u66f4\u7b80\u5355\u7684\u65b9\u6cd5\u5b89\u88c5\u5b83\u4e86\uff0c\u5df2\u7ecf\u6709\u4eba\u5199\u4e86ebuild\u653e\u5230gentoo-china overlay\u4e86\uff0c\u611f\u8c22viogus\u3002
\n\u89c1\uff1a
\nhttp:\/\/code.google.com\/p\/scholarzhang\/issues\/detail?id=10<\/a>
\nhttp:\/\/www.linuxsir.org\/bbs\/thread364811.html<\/a><\/p>\n
\u5b89\u88c5\u65b9\u6cd5:
\n\u6dfb\u52a0gentoo-china overlay\u5c31\u53ef\u4ee5\u5b89\u88c5\u4e86<\/p>\n
\nlayman -a gentoo-china\nlayman -S\nFEATURES=\"-sandbox\" emerge west-chamber -av\n<\/pre>\n
\"\"<\/div>\n","protected":false},"excerpt":{"rendered":"
Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)Technorati Tags: GFW, \u897f\u53a2\u8ba1\u5212, Gentoo, west-chamber, iptables \u8fd9\u91cc\u662f\u6b64\u9879\u8ba1\u5212\u7684\u8bf4\u660e\uff1a http:\/\/code.google.com\/p\/scholarzhang\/wiki\/README \u6b64\u9879\u8ba1\u5212\u4e00\u51fa\u7acb\u523b\u5728\u7f51\u7edc\u4e0a\uff0c\u5f15\u8d77\u4e86\u8f70\u52a8\uff0c\u5230\u5904\u90fd\u662f\u5173\u4e8e\u5b83\u7684\u8ba8\u8bba\u3002 \u6211\u4e5f\u5bf9\u8fd9\u4e2a\u5f88\u597d\u5947\uff0c\u60f3\u65e9\u70b9\u770b\u4e00\u4e0b\u8fd9\u4e2a\u5230\u5e95\u662f\u4ec0\u4e48\u4e1c\u897f\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29,5],"tags":[69,118,155],"class_list":["post-853","post","type-post","status-publish","format-standard","hentry","category-gentoo","category-linux","tag-gfw","tag-west-chamber","tag-iptables"],"yoast_head":"\nGentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber) - Jianqing's Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/pjq.me\/?p=853\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber) - Jianqing's Blog\" \/>\n<meta property=\"og:description\" content=\"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)Technorati Tags: GFW, \u897f\u53a2\u8ba1\u5212, Gentoo, west-chamber, iptables \u8fd9\u91cc\u662f\u6b64\u9879\u8ba1\u5212\u7684\u8bf4\u660e\uff1a http:\/\/code.google.com\/p\/scholarzhang\/wiki\/README \u6b64\u9879\u8ba1\u5212\u4e00\u51fa\u7acb\u523b\u5728\u7f51\u7edc\u4e0a\uff0c\u5f15\u8d77\u4e86\u8f70\u52a8\uff0c\u5230\u5904\u90fd\u662f\u5173\u4e8e\u5b83\u7684\u8ba8\u8bba\u3002 \u6211\u4e5f\u5bf9\u8fd9\u4e2a\u5f88\u597d\u5947\uff0c\u60f3\u65e9\u70b9\u770b\u4e00\u4e0b\u8fd9\u4e2a\u5230\u5e95\u662f\u4ec0\u4e48\u4e1c\u897f\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/pjq.me\/?p=853\" \/>\n<meta property=\"og:site_name\" content=\"Jianqing's Blog\" \/>\n<meta property=\"article:published_time\" content=\"2010-03-12T16:22:53+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg\" \/>\n<meta name=\"author\" content=\"pengjianqing\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"pengjianqing\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/pjq.me\/?p=853#article\",\"isPartOf\":{\"@id\":\"https:\/\/pjq.me\/?p=853\"},\"author\":{\"name\":\"pengjianqing\",\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\"},\"headline\":\"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)\",\"datePublished\":\"2010-03-12T16:22:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/pjq.me\/?p=853\"},\"wordCount\":95,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\"},\"image\":{\"@id\":\"https:\/\/pjq.me\/?p=853#primaryimage\"},\"thumbnailUrl\":\"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg\",\"keywords\":[\"GFW\",\"west-chamber\",\"\u897f\u53a2\u8ba1\u5212\uff0ciptables\"],\"articleSection\":[\"gentoo\",\"Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/pjq.me\/?p=853#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/pjq.me\/?p=853\",\"url\":\"https:\/\/pjq.me\/?p=853\",\"name\":\"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber) - Jianqing's Blog\",\"isPartOf\":{\"@id\":\"https:\/\/pjq.me\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/pjq.me\/?p=853#primaryimage\"},\"image\":{\"@id\":\"https:\/\/pjq.me\/?p=853#primaryimage\"},\"thumbnailUrl\":\"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg\",\"datePublished\":\"2010-03-12T16:22:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/pjq.me\/?p=853#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/pjq.me\/?p=853\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/pjq.me\/?p=853#primaryimage\",\"url\":\"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg\",\"contentUrl\":\"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/pjq.me\/?p=853#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/pjq.me\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/pjq.me\/#website\",\"url\":\"https:\/\/pjq.me\/\",\"name\":\"Jianqing's Blog\",\"description\":\"Thoughts and Future\",\"publisher\":{\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/pjq.me\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\",\"name\":\"pengjianqing\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png\",\"contentUrl\":\"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png\",\"width\":460,\"height\":752,\"caption\":\"pengjianqing\"},\"logo\":{\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/image\/\"},\"url\":\"https:\/\/pjq.me\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber) - Jianqing's Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/pjq.me\/?p=853","og_locale":"en_US","og_type":"article","og_title":"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber) - Jianqing's Blog","og_description":"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)Technorati Tags: GFW, \u897f\u53a2\u8ba1\u5212, Gentoo, west-chamber, iptables \u8fd9\u91cc\u662f\u6b64\u9879\u8ba1\u5212\u7684\u8bf4\u660e\uff1a http:\/\/code.google.com\/p\/scholarzhang\/wiki\/README \u6b64\u9879\u8ba1\u5212\u4e00\u51fa\u7acb\u523b\u5728\u7f51\u7edc\u4e0a\uff0c\u5f15\u8d77\u4e86\u8f70\u52a8\uff0c\u5230\u5904\u90fd\u662f\u5173\u4e8e\u5b83\u7684\u8ba8\u8bba\u3002 \u6211\u4e5f\u5bf9\u8fd9\u4e2a\u5f88\u597d\u5947\uff0c\u60f3\u65e9\u70b9\u770b\u4e00\u4e0b\u8fd9\u4e2a\u5230\u5e95\u662f\u4ec0\u4e48\u4e1c\u897f\u3002","og_url":"https:\/\/pjq.me\/?p=853","og_site_name":"Jianqing's Blog","article_published_time":"2010-03-12T16:22:53+00:00","og_image":[{"url":"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg","type":"","width":"","height":""}],"author":"pengjianqing","twitter_card":"summary_large_image","twitter_misc":{"Written by":"pengjianqing","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/pjq.me\/?p=853#article","isPartOf":{"@id":"https:\/\/pjq.me\/?p=853"},"author":{"name":"pengjianqing","@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60"},"headline":"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)","datePublished":"2010-03-12T16:22:53+00:00","mainEntityOfPage":{"@id":"https:\/\/pjq.me\/?p=853"},"wordCount":95,"commentCount":1,"publisher":{"@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60"},"image":{"@id":"https:\/\/pjq.me\/?p=853#primaryimage"},"thumbnailUrl":"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg","keywords":["GFW","west-chamber","\u897f\u53a2\u8ba1\u5212\uff0ciptables"],"articleSection":["gentoo","Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/pjq.me\/?p=853#respond"]}]},{"@type":"WebPage","@id":"https:\/\/pjq.me\/?p=853","url":"https:\/\/pjq.me\/?p=853","name":"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber) - Jianqing's Blog","isPartOf":{"@id":"https:\/\/pjq.me\/#website"},"primaryImageOfPage":{"@id":"https:\/\/pjq.me\/?p=853#primaryimage"},"image":{"@id":"https:\/\/pjq.me\/?p=853#primaryimage"},"thumbnailUrl":"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg","datePublished":"2010-03-12T16:22:53+00:00","breadcrumb":{"@id":"https:\/\/pjq.me\/?p=853#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/pjq.me\/?p=853"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/pjq.me\/?p=853#primaryimage","url":"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg","contentUrl":"http:\/\/farm5.static.flickr.com\/4012\/4425110084_fb8b941535.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/pjq.me\/?p=853#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/pjq.me\/"},{"@type":"ListItem","position":2,"name":"Gentoo\u4e0a\u4f7f\u7528\u201c\u897f\u53a2\u8ba1\u5212\u201d (west-chamber)"}]},{"@type":"WebSite","@id":"https:\/\/pjq.me\/#website","url":"https:\/\/pjq.me\/","name":"Jianqing's Blog","description":"Thoughts and Future","publisher":{"@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/pjq.me\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60","name":"pengjianqing","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/pjq.me\/#\/schema\/person\/image\/","url":"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png","contentUrl":"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png","width":460,"height":752,"caption":"pengjianqing"},"logo":{"@id":"https:\/\/pjq.me\/#\/schema\/person\/image\/"},"url":"https:\/\/pjq.me\/?author=1"}]}},"views":72332,"_links":{"self":[{"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/posts\/853","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=853"}],"version-history":[{"count":0,"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/posts\/853\/revisions"}],"wp:attachment":[{"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=853"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=853"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}