LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-04-2001, 01:09 AM   #1
systemgsr
LQ Newbie
 
Registered: Dec 2001
Location: So Cal
Posts: 5

Rep: Reputation: 0
blocking MSN using iptables?


I've been trying to block this allday. I'm not sure if my syntax is wrong or what. This is my first attempt to iptables. I used to use ipchains but never set it up to block MSN. Anybody have the exact syntax for blocking msn messanger? thanks.
 
Old 12-04-2001, 11:38 AM   #2
DJFauß
Member
 
Registered: May 2001
Location: Germany
Distribution: SuSE 8.1
Posts: 48

Rep: Reputation: 15
Just close the port MSN uses ...
 
Old 12-05-2001, 10:08 AM   #3
theFuzzyOne
Member
 
Registered: Dec 2001
Distribution: redhat
Posts: 154

Rep: Reputation: 30
blocking msn

use netstat in your windoze machine while MSN is running to see all the ports it uses... on mine it's port 1863

so start with something like

iptables -A FORWARD -p tcp --dport 1863 -d 0/0 -j DROP

(add INPUT and OUTPUT rules as needed)

i believe MSN uses different ports for voice and file transfers... 6891 - 6900 for files, i think.

hope this helps a little
 
Old 01-25-2002, 05:57 AM   #4
izy
LQ Newbie
 
Registered: Jan 2002
Posts: 1

Rep: Reputation: 0
msn and iptables

hello !

i got a weird problem, i installed a firewall between my asdl connection and my standalone workstation. before installing the firewall, i was able to voice speak with friend, now it gets stuck : ETABLISHING CONNECTION WITH xxxx but doesnt work, any1 got some iptables rules that make MSN voice chat work behind a firewall ...?


thanx for the help, i'll really appreciate it

i'mma running a REDHAT 7.2
 
Old 07-17-2003, 08:33 AM   #5
eduac
Member
 
Registered: Jun 2003
Distribution: Arch - www.archlinux.org
Posts: 186

Rep: Reputation: 30
exist any possibility to block the msn per user?, because i wanna to block a few users and not the all users.
 
Old 07-17-2003, 09:32 AM   #6
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,781
Blog Entries: 1

Rep: Reputation: 412Reputation: 412Reputation: 412Reputation: 412Reputation: 412
You can block the MSN ports for individual machines with iptables using either the IP address, or the mac address if they are on your LAN. However, iptables isn't capable of blocking individual users AFAIK.
 
Old 07-17-2003, 09:50 AM   #7
eduac
Member
 
Registered: Jun 2003
Distribution: Arch - www.archlinux.org
Posts: 186

Rep: Reputation: 30
how i can make this? with the iptables command?

such like this?



iptables -A FORWARD -p tcp --dport 1863 -d 0/0 -j DROP


Last edited by eduac; 07-17-2003 at 09:59 AM.
 
Old 07-17-2003, 12:22 PM   #8
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,781
Blog Entries: 1

Rep: Reputation: 412Reputation: 412Reputation: 412Reputation: 412Reputation: 412
That should probably work. I don't think you need the -d 0/0 though.
 
Old 07-17-2003, 12:28 PM   #9
eduac
Member
 
Registered: Jun 2003
Distribution: Arch - www.archlinux.org
Posts: 186

Rep: Reputation: 30
forget my friend, the kernel version is too old, i think that i must have to use the ipchains.
 
Old 07-17-2003, 01:44 PM   #10
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Rep: Reputation: 30
you could do a simpler thing, install a proxy, configure the chains for it to be transparent, so the users dont know, and then just straight out disable forwarding..
 
Old 07-17-2003, 11:29 PM   #11
leonardox
LQ Newbie
 
Registered: Jul 2003
Location: Guadalajara
Distribution: Slackware
Posts: 23

Rep: Reputation: 15
I'm block messenger.msn.com, loginnet.passport.com and hotmail.com, but you can use in shell the command host hotmail.com or wherever you want and give you the IPS.

iptables -A FORWARD -s IP/NET -d host -j DROP
 
Old 09-04-2003, 09:13 AM   #12
eduac
Member
 
Registered: Jun 2003
Distribution: Arch - www.archlinux.org
Posts: 186

Rep: Reputation: 30
can i block msn using ipchains? but for particulary ip on my network (192.168.66...)?
 
Old 09-04-2003, 10:59 AM   #13
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Rep: Reputation: 30
Of course you'll get the ips, thats DNS, lol

And you can block msn per station, block the ports its requesting

iptables -A FORWARD -t udp/tcp whatever one it is
-p 100-1000 whatever ports -j DROP
 
Old 09-04-2003, 11:06 AM   #14
eduac
Member
 
Registered: Jun 2003
Distribution: Arch - www.archlinux.org
Posts: 186

Rep: Reputation: 30
so, it is something like that???

ipchains -A FORWARD -t udp/tcp 192.168.66.158 -p 1863 -i DROP

Last edited by eduac; 09-04-2003 at 11:09 AM.
 
Old 09-04-2003, 11:25 AM   #15
hakcenter
Member
 
Registered: Apr 2003
Location: Not to far from the computer screen
Distribution: RedHat 9.0
Posts: 324

Rep: Reputation: 30
ipchains -A FORWARD -t tcp -s 192.168.66.158 -p 1863 -j DROP
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking an IP using iptables picox Linux - Security 7 12-10-2010 02:00 PM
iptables - Blocking an URL ddaas Linux - Security 2 10-14-2004 06:36 PM
Blocking MSN Messenger Traffic With Smoothwall canadiantechie Linux - Software 0 08-21-2004 03:03 PM
Iptables blocking certain websites?? Ikik Linux - Security 3 09-29-2003 02:39 AM
Blocking MIRC and MSN messenger Ports smurf Linux - Networking 3 05-24-2001 08:36 AM


All times are GMT -5. The time now is 11:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration