Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi there, After a long time here. I am havin a prob in my office. It has become a culture to chat using yahoo messenger and msn messenger all the time instead of working. Now i need to stop both of these. Can i use a firewall to block ports?
Also give me a solution if i want to use proxy (transparent)... And is there any squid for win2k?? because then i'll need to deploy that too... please help me...
Many IM clients a designed to use a list of secondary ports if the primary ones are blocked. In fact most will use port 80, which makes it difficult to distinguish from standard web traffic. Easiest way to do this is to run squid on the gateway and use iptables to redirect traffic locally to the squid port (aka transparent proxying). That way to the setup will be transparent to the internal users and it saves you from having to manually reconfigure the tcp/ip settings on all of the client machines.
Thanx for the info. I also found this is the best way... But now i have to use a linux-box instead of my currently available router.
I know it's a pain to make that transition, but once you do you'll find it to be much more powerful and flexible solution. Things like detailed logging and traffic shaping are reasonably easy to do with a linux box and are virtually absent from all but higher-end routers. Unless you have significant traffic load that requires dedicated hardware, then I'd seriously consider it.
hmmm... but i need one very important solution. It is not currently available... but have plan for this. If it can support, then i'll just go for it. That is my office is now using a so called broadband. But it is the worst thing they are using. I found a dial-up with a noisy connection is better than this one. Thus i have started to think about using EDGE using a EDGE modem. There i got more than 120kb at any time which is sufficient in my office for sharing with 4-5 PCs. But i have to dial-up and actually i then need demand dial using the EDGE modem as a normal modem used by COM ports. Is it possible in linux?? By the way, the EDGE modem will be connected to the box using a USB. I know it can be done in windows, but i need linux for my case...
I've never used it, but it looks like a number of usb EDGE modems appear to be supported under linux. You may want to start a new thread in the Linux - Networking or Linux - Hardware (do not post in both) specifically regarding getting your usb EDGE modem to work. Make sure to include specifics on the make and model number as well as the distro and version of linux you are planning to use. Probably a good idea to get it working stably on a test network first before rolling it out.
Many IM clients a designed to use a list of secondary ports if the primary ones are blocked. In fact most will use port 80, which makes it difficult to distinguish from standard web traffic.
and there are also tools that can tunnel through this proxy setup and act as a local socks proxy server on the client machine. (like socks2http).
preventing messenger access can't be done alone at the server level. you also need to do some "policing" at the users' side. unless, of course, if you run your firewall/proxy server in paranoid mode.
there are a lot of ways for a very persistent user who can't live without messenger clients around.
I'd advise not only blocking the ports but also stipulating in your company IT policy that IM services are prohibited, and will lead to disciplinary action.
Moved: This thread is more suitable in the Linux Networking forum (taxonomy: +network +"block access") and has been moved accordingly to help your thread/question get the exposure it deserves.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.