LinuxQuestions.org

shamza 09-28-2005 04:42 AM

IM blocking with combination of IPtables & Squid
 
Hi,

I am using Linux AS 2.1 with squid-2.4 stable6-1.7.2 and iptables with MASQUERADE (SNAT). I want to block any internet messenger in my LAN. I had already created the following ACL and blocked them:

messenger.hotmail.com
login.oscar.aol.com
login.icq.com
http.proxy.icq.com
msg.edit.yahoo.com
messenger.yahoo.com
http.pager.yahoo.com

But no success. Can anyone guide me?

My iptables script is below:

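iptables=/sbin/iptables
# Clear the existing NAT rules
$iptables --flush -t nat
# Redirect LAN web traffic (eth0, port 80) to Squid on port 3128
$iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
# Masquerade everything leaving through eth1
$iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
# Enable IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward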

usmanmehmood 09-29-2005 01:00 AM

Iptables:
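FOR YAHOO:
# Drop the client's forwarded Yahoo Messenger connections
iptables -I FORWARD -o eth1 -s IpOfClient -p tcp -m multiport --dports 5000,5001,5100,5050,11999 -j DROP
FOR MSN:
# Drop the client's forwarded MSN Messenger connections
iptables -I FORWARD -o eth1 -s IpOfClient -p tcp --dport 1863 -j DROP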

You can block arbitrary strings in packets using the string match
support in the P-O-M for netfilter, e.g. -m string --string 'KAZAA'

But it's better to use Squid for that purpose.
I suggest you block MIME types.

acl msn_messenger req_mime_type -i "illegal-mime-types.txt"
http_access deny msn_messenger

And in illegal-mime-types.txt, enter the MIME types:

^application/x-msn-messenger$



I don't know the Yahoo and AOL MIME types, but you can search for them on the internet.
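
Added example, not part of either post: the Squid ACLs in this thread only see traffic that the gateway redirects to the proxy on port 80, so connections on the messengers' native ports have to be dropped in the gateway's FORWARD chain. The script below audits `iptables-save` output for that. The function name, the client address 192.168.1.10 and both rule dumps are constructed for illustration, and 1863 is MSN Messenger's registered port.

```sh
# Added example: audit `iptables-save` output for the IM ports in this thread.
# Yahoo ports are the ones listed above; 1863 is MSN Messenger's registered port.
IM_PORTS="5000 5001 5100 5050 11999 1863"

# unblocked_im_ports CLIENT_IP: reads iptables-save text on stdin and prints the
# IM ports that no tcp DROP/REJECT rule in FORWARD covers for that client.
# Simplification: rule order and -i/-o qualifiers are not evaluated.
unblocked_im_ports() {
    awk -v ports="$IM_PORTS" -v client="$1" '
    $1 == "-A" && $2 == "FORWARD" {
        proto = ""; target = ""; list = ""; src = ""; neg = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "!") neg = 1              # negated rules are never counted
            if ($i == "-p") proto = $(i + 1)
            if ($i == "-s") src = $(i + 1)
            if ($i == "-j") target = $(i + 1)
            if ($i == "--dport" || $i == "--dports") list = $(i + 1)
        }
        if (neg || proto != "tcp" || (target != "DROP" && target != "REJECT")) next
        if (src != "" && src != client && src != (client "/32")) next
        n = split(list, item, ",")
        for (k = 1; k <= n; k++) {              # each item: PORT or LOW:HIGH
            m = split(item[k], r, ":")
            lo = r[1] + 0; hi = (m == 2 ? r[2] : r[1]) + 0
            cnt = split(ports, p, " ")
            for (j = 1; j <= cnt; j++)
                if (p[j] + 0 >= lo && p[j] + 0 <= hi) blocked[p[j]] = 1
        }
    }
    END {
        cnt = split(ports, p, " "); out = ""
        for (j = 1; j <= cnt; j++)
            if (!(p[j] in blocked)) out = out (out == "" ? "" : " ") p[j]
        print out
    }'
}

# Constructed sample: the rule sits in OUTPUT, so forwarded client traffic never hits it.
SAMPLE_OUTPUT_CHAIN='*filter
-A OUTPUT -s 192.168.1.10/32 -o eth1 -p tcp -m multiport --dports 5000,5001,5100,5050,11999 -j DROP
COMMIT'

# Constructed sample: the same ports dropped in FORWARD, plus MSN on 1863.
SAMPLE_FORWARD_CHAIN='*filter
-A FORWARD -s 192.168.1.10/32 -o eth1 -p tcp -m multiport --dports 5000,5001,5100,5050,11999 -j DROP
-A FORWARD -s 192.168.1.10/32 -o eth1 -p tcp -m tcp --dport 1863 -j DROP
COMMIT'
printf 'OUTPUT-only rules leave open: %s\n' "$(printf '%s\n' "$SAMPLE_OUTPUT_CHAIN" | unblocked_im_ports 192.168.1.10)"
printf 'FORWARD rules leave open: %s\n' "$(printf '%s\n' "$SAMPLE_FORWARD_CHAIN" | unblocked_im_ports 192.168.1.10)"
```

On a live gateway, pipe `iptables-save` into `unblocked_im_ports` with a LAN client's address; any port it prints still passes through the MASQUERADE rule without ever reaching Squid.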

