Iptables:
FOR YAHOO:
iptables -I OUTPUT -o eth1 -s IpOfClient -p tcp -m multiport --dport 5000,5001,5100,5050,11999 -j DROP
FOR MSN:
iptables -I OUTPUT -o eth1 -s IpOfClient -p tcp --dport 1836
You can block arbitrary strings in packets using the string match
support in the P-O-M for netfilter, e.g. -m string --string 'KAZAA'
but its better to use squid for that purpose
i suggest u to block MIME types.
acl msn_messenger req_mime_type -i "illegal-mime-types.txt"
http_access deny msn_messenger
and in illegal-mime-types.txt, enter MIME types.
^application/x-msn-messenger$
i dont know yahoo and aol mime types but u can search them on internet.
|