IM blocking with combination of IPtables & Squid
Hi,
I am using Linux AS 2.1 with squid-2.4 stable6-1.7.2 and iptables with MASQUERADE (SNAT). I want to block any internet messenger in my LAN. I had already created the following ACL and blocked them:

    messenger.hotmail.com
    login.oscar.aol.com
    login.icq.com
    http.proxy.icq.com
    msg.edit.yahoo.com
    messenger.yahoo.com
    http.pager.yahoo.com

but no success. Can anyone guide me? My iptables script is below:

    iptables=/sbin/iptables
    # Clear existing NAT rules
    $iptables --flush -t nat
    # Transparently redirect LAN web traffic (port 80) to Squid on port 3128
    $iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
    # Masquerade everything leaving through the external interface
    $iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
    # Enable routing between the interfaces
    echo 1 > /proc/sys/net/ipv4/ip_forward
Iptables:
FOR YAHOO:

    # FORWARD, not OUTPUT: packets from LAN clients are routed through the gateway.
    # The multiport match takes its port list with --dports.
    iptables -I FORWARD -o eth1 -s IpOfClient -p tcp -m multiport --dports 5000,5001,5100,5050,11999 -j DROP

FOR MSN:

    # MSN Messenger connects on TCP port 1863; the rule needs a -j DROP target to block anything
    iptables -I FORWARD -o eth1 -s IpOfClient -p tcp --dport 1863 -j DROP

You can block arbitrary strings in packets using the string match support in the P-O-M for netfilter, e.g.

    -m string --string 'KAZAA'

but it's better to use squid for that purpose. I suggest you block MIME types:

    acl msn_messenger req_mime_type -i "illegal-mime-types.txt"
    http_access deny msn_messenger

and in illegal-mime-types.txt, enter the MIME types:

    ^application/x-msn-messenger$

I don't know the Yahoo and AOL MIME types, but you can search for them on the internet.
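An added example, not part of either post: a small audit that reads `iptables-save` output from the gateway and reports which of the Yahoo ports listed above would still be routed out, since only filter rules in the FORWARD chain apply to traffic from LAN clients and the Squid redirect only covers port 80. The rule dump is constructed, and the check is simplified: it ignores source and interface matches, negation, rule order and chain policy.

```python
import shlex

# Yahoo Messenger ports as listed in the reply above
YAHOO_PORTS = {5000, 5001, 5050, 5100, 11999}

# Constructed iptables-save excerpt for a NAT gateway (not from a real host)
SAMPLE_RULES = """\
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
-A OUTPUT -o eth1 -p tcp -m multiport --dports 5000,5001 -j DROP
-A FORWARD -o eth1 -p tcp -m tcp --dport 5050 -j DROP
-A FORWARD -o eth1 -p tcp -m multiport --dports 5100:5101 -j REJECT --reject-with tcp-reset
COMMIT
"""

def expand_ports(spec):
    """Expand a port spec such as '5000,5100:5102' into a set of ints."""
    out = set()
    for part in spec.split(","):
        lo, _, hi = part.partition(":")
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def audit(rules_text, watched_ports):
    """Return (ports still forwarded, ports blocked only outside FORWARD)."""
    table, blocked, misplaced = None, set(), set()
    for line in rules_text.splitlines():
        if line.startswith("*"):
            table = line[1:]          # "*nat", "*filter", ...
        if table != "filter" or not line.startswith("-A "):
            continue
        tok = shlex.split(line)
        opts = dict(zip(tok, tok[1:]))  # each option mapped to the token after it
        spec = opts.get("--dport") or opts.get("--dports")
        if opts.get("-p") != "tcp" or not spec or opts.get("-j") not in ("DROP", "REJECT"):
            continue
        hit = expand_ports(spec) & watched_ports
        # Rules in OUTPUT or INPUT never see packets routed for LAN clients
        (blocked if opts["-A"] == "FORWARD" else misplaced).update(hit)
    return sorted(watched_ports - blocked), sorted(misplaced - blocked)

if __name__ == "__main__":
    still_open, wrong_chain = audit(SAMPLE_RULES, YAHOO_PORTS)
    print("still forwarded:", still_open)
    print("blocked only in a non-FORWARD chain:", wrong_chain)
```

On a real gateway, pass the text of `iptables-save` to `audit()` in place of `SAMPLE_RULES`.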