Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
I have tried every possibility I found on the Internet for blocking messengers. I put iptables rules in place to block different ports. But somehow I am unable to block gtalk etc., even though the gmail / msn sites are blocked through Squid.
Iptables can help you block messengers if you know what ports they use. You can take a look at this thread where I was having the same problems maintaining squid.
Thanks, linuxlover.chaitanya. But I have tried so many ports... sometimes some messengers are blocked and some messengers are missed. It would be very helpful if you could give me some hints regarding the iptables chain: which port for gtalk, and in which chain [INPUT/OUTPUT/FORWARD].
For gtalk, blocking port 5222 should work. But I have done this for Pidgin, as it is the client most people use here. You may want to block 5050 for Yahoo.
I have tried all combinations to block gtalk, but it is still not solved.
-A INPUT -p udp -m udp --sport 5222:5333 -j DROP
-A OUTPUT -p udp -m udp --sport 5222:5333 -j DROP
-A FORWARD -p udp -m udp --sport 5222:5333 -j DROP
-A INPUT -p udp -m udp --dport 5222:5333 -j DROP
-A OUTPUT -p udp -m udp --dport 5222:5333 -j DROP
-A FORWARD -p udp -m udp --dport 5222:5333 -j DROP
-A INPUT -p tcp -m tcp --sport 5222:5333 -j DROP
-A OUTPUT -p tcp -m tcp --sport 5222:5333 -j DROP
-A FORWARD -p tcp -m tcp --sport 5222:5333 -j DROP
-A INPUT -p tcp -m tcp --dport 5222:5333 -j DROP
-A OUTPUT -p tcp -m tcp --dport 5222:5333 -j DROP
-A FORWARD -p tcp -m tcp --dport 5222:5333 -j DROP
Is there any other solution that does not forward gtalk packets?
If you are using transparent squid you may want to write it in the nat table. But as said, the messengers are becoming intelligent and using the standard http port 80. This might not work if gtalk is using port 80.
I configured my squid simply: the internal network is allowed and others are denied through an acl. I had tried other acls too, to block messengers by putting in the port number etc.; it did not work. Then I put the port numbers in iptables as above; it did not work either. But yes, one thing you are saying: "nat table". I am thinking of that also. But what would be the format? Because I can't block port 80; it's harmful for web traffic, and I have to pass ftp and pop packets also to access external remote mail / FTP server logins. Is there any iptables NAT chain format that can be used, like port 80 allowed except messengers?
But the problem is that messengers are so clever that they pass through port 80. So, what would be the solution?
You can try to block source port 5222 and 5050 in the filter table for all the chains. This might just help you. I am not sure, but I have blocked messenger traffic with this iptables rule.