LinuxQuestions.org

Linux - Security: Blocking All messengers in LINUX (https://www.linuxquestions.org/questions/linux-security-4/blocking-all-messangers-in-linux-659169/)

sanjee 07-30-2008 12:25 AM

Blocking All messengers in LINUX
 
I have tried every kind of possibility found on the Internet regarding blocking messengers. I put IPTABLES rules in place for blocking different ports. But somehow I am unable to block gtalk etc., even though the gmail / msn sites are blocked through SQUID.

linuxlover.chaitanya 07-30-2008 12:40 AM

Iptables can help you block messengers if you know what ports they use. You can have a look at this thread where I was having the same problems maintaining squid.

http://www.linuxquestions.org/questi...-squid-651468/

sanjee 07-30-2008 01:58 AM

Thanks, linuxlover.chaitanya. But I have tried so many ports... sometimes some messengers are blocked and some messengers are missed. It would be very helpful if you could give me some hints regarding the iptables chain... which port for gtalk, and in which chain [INPUT/OUTPUT/FORWARD].

sanjee 07-30-2008 02:41 AM

Dear everyone... any suggestion?

linuxlover.chaitanya 07-30-2008 03:40 AM

For gtalk, blocking port 5222 should work. But I have done this for Pidgin, which is the client most of the people use here. You may want to block 5050 for Yahoo.

linuxlover.chaitanya 07-30-2008 03:41 AM

You should block INPUT and put --sport 5222 for gtalk.

v00d00101 07-30-2008 04:00 AM

The only problem is that some messengers now have the option of using http for sending messages.

So you would need to block standard internet access as well, which may or may not go down well.

sanjee 07-30-2008 08:39 AM

I have tried all combinations to block gtalk, but it is still not solved.

-A INPUT -p udp -m udp --sport 5222:5333 -j DROP
-A OUTPUT -p udp -m udp --sport 5222:5333 -j DROP
-A FORWARD -p udp -m udp --sport 5222:5333 -j DROP
-A INPUT -p udp -m udp --dport 5222:5333 -j DROP
-A OUTPUT -p udp -m udp --dport 5222:5333 -j DROP
-A FORWARD -p udp -m udp --dport 5222:5333 -j DROP
-A INPUT -p tcp -m tcp --sport 5222:5333 -j DROP
-A OUTPUT -p tcp -m tcp --sport 5222:5333 -j DROP
-A FORWARD -p tcp -m tcp --sport 5222:5333 -j DROP
-A INPUT -p tcp -m tcp --dport 5222:5333 -j DROP
-A OUTPUT -p tcp -m tcp --dport 5222:5333 -j DROP
-A FORWARD -p tcp -m tcp --dport 5222:5333 -j DROP
Is there any other solution that does not forward gtalk packets?

linuxlover.chaitanya 07-30-2008 10:20 PM

If you are using transparent squid you may want to write it in the nat table. But as said, the messengers are becoming intelligent and using the standard http port 80. This might not work if gtalk is using port 80.

sanjee 07-30-2008 11:37 PM

I configured my squid simply.... internal network allowed & others denied through acl. I had tried other acls also, regarding blocking messengers by putting in port numbers etc..... not done. Then I put the port numbers in IPTABLES as above.... not done. But yeah.... one thing you are saying: "nat table". I am thinking about it also. But what would be the format? Because I can't block port 80... it is harmful for web traffic, and I have to pass ftp & pop packets also to access external remote mail / FTP server logins. Is there any iptables NAT chain format that can be used,,, like ---- port 80 allowed except messengers?
But the problem is that messengers are so clever that they pass through port 80. So, what would be the solution?

linuxlover.chaitanya 07-31-2008 05:45 AM

You can try to block source port 5222 and 5050 in the filter table for all the chains. This might just help you. I am not sure, but I have blocked the messenger traffic with this iptables rule.
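As an added example (not code from anyone in this thread): a small offline checker that tests the twelve rules sanjee posted, and the "block INPUT --sport 5222" advice above, against a modelled Google Talk session, showing which rules can actually touch an XMPP connection and how the INPUT versus FORWARD choice and iptables first-match ordering decide the outcome. The session model (TCP to port 5222, ephemeral source port 40000) and the two topologies are assumptions; the parser accepts only the simple rule form posted above.

```python
import re
from dataclasses import dataclass
# Rules in the iptables-save form posted above (filter table, single port or lo:hi range).
RULE_RE = re.compile(r"-A (\w+) -p (tcp|udp) -m (?:tcp|udp) --(sport|dport) "
                     r"(\d+)(?::(\d+))? -j (\w+)$")

@dataclass(frozen=True)
class Rule:
    chain: str; proto: str; kind: str; lo: int; hi: int; target: str

@dataclass(frozen=True)
class Packet:          # what the firewall sees: chain traversed, protocol, ports
    chain: str; proto: str; sport: int; dport: int

def parse_rules(text):
    rules = []
    for line in text.strip().splitlines():
        m = RULE_RE.match(line.strip())
        if not m: raise ValueError("unsupported rule syntax: " + line)
        chain, proto, kind, lo, hi, target = m.groups()
        rules.append(Rule(chain, proto, kind, int(lo), int(hi or lo), target))
    return rules

def matches(rule, pkt):
    port = pkt.sport if rule.kind == "sport" else pkt.dport
    return rule.chain == pkt.chain and rule.proto == pkt.proto and rule.lo <= port <= rule.hi

def verdict(rules, pkt):
    """First matching rule wins, as in iptables; None means the chain's policy decides."""
    for r in rules:
        if matches(r, pkt):
            return r.target
    return None

def xmpp_session(gateway_is_client, sport=40000):
    """Constructed Google Talk (XMPP, TCP 5222) handshake: client SYN and server reply.
    On the firewall box itself these hit OUTPUT/INPUT; for a LAN host behind the
    gateway both directions are routed, so both traverse FORWARD."""
    if gateway_is_client:
        return {"syn": Packet("OUTPUT", "tcp", sport, 5222), "reply": Packet("INPUT", "tcp", 5222, sport)}
    return {"syn": Packet("FORWARD", "tcp", sport, 5222), "reply": Packet("FORWARD", "tcp", 5222, sport)}

def audit(rules):
    """Verdict for each packet in both topologies, plus rules no XMPP packet can ever hit."""
    report, hit = {}, set()
    for topo in ("lan_client", "gateway_client"):
        for name, pkt in xmpp_session(topo == "gateway_client").items():
            report[topo + "/" + name] = verdict(rules, pkt)
            hit.update(i for i, r in enumerate(rules) if matches(r, pkt))
    report["dead_rules"] = [r for i, r in enumerate(rules) if i not in hit]
    return report
```

Fed the twelve rules above, the audit returns DROP for every packet in both topologies and flags eight rules as never hit (the six UDP ones, plus OUTPUT --sport and INPUT --dport, which only matter if the box itself ran an XMPP server), whereas the INPUT --sport 5222 rule alone only drops the reply when the client runs on the gateway. If the client still connects with all twelve rules loaded, the cause is outside this model: an earlier ACCEPT in the same chain shadows a later DROP, or the client falls back to HTTP as v00d00101 describes.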
