blocking yahoo messenger with iptables

mardanian · 04-24-2004, 04:20 AM

I want to block yahoo messenger probably these ports (5001-5002,5050) to some of my clients, I have network of more then 100+ machines and they connecting with dialup

However I want to block yahoo messenger only for specific IP for example IP: 23.45.65.34 not to all IPs

I am running firewall machine, linux on it and i am using iptables.
anyone tell me what will be the rules for doing this.

iptables -A INPUT ........blah blah

thanks

maxut · 04-24-2004, 07:00 AM

as i know messenger can use http port. u may need packet filter like snort. i dont know snort enough. www.snort.org

u may try the following:

iptables -A FORWARD -s 23.45.65.34 -p tcp --dport 5001:5050 -j REJECT

it wont allow forwarding if pakets comes from 23.45.65.34 and protokol is tcp and port between 5001 and 5050

u may prefer -j DROP instead of -j REJECT

silver2003 · 04-24-2004, 08:42 AM

iptables -A INPUT -s 23.45.65.34 -p tcp --dport 5001:5050 -j DROP

sixth_sense · 04-24-2004, 09:03 AM

well, i tried these script on my redhat 6.2 box replacing iptables with ipchains. but its not working

badlya · 04-24-2004, 09:13 AM

Actually yahoo messenger is having facility ( for us it's a problem) that yahoo can use any port (see yahoo messenger help for details) so here is my script for blocking yahoo messenger. but it will work if the yahoo policy is not changed. if this script still unable to block messenger then again reply me .

iptables -A FORWARD -p TCP --dport 5000:5100 -j REJECT
iptables -A FORWARD -p TCP -d scsa.yahoo.com -j REJECT
iptables -A FORWARD -p TCP -d cs.yahoo.com -j REJECT
iptables -A FORWARD -p TCP -d scsa.msg.yahoo.com -j REJECT
iptables -A FORWARD -p TCP -d messenger.yahoo.com -j REJECT

silver2003 · 04-24-2004, 02:32 PM

ipchains is not iptables sixth_sense. They are diffrent. see tha man pages for the ipchains and adapt the rules of the iptables.