LinuxQuestions.org


furquan 02-17-2002 11:49 PM

how to block ports
 
Hi,
I would like to block some ports on my Linux proxy server so as to disable chat services. Can someone guide me to it?

Regards

unSpawn 02-18-2002 01:33 AM

Even though it's for Novell's BorderManager, here's a resource on chat app ports: http://nscsysop.hypermart.net/no_chat.html

karunesh 02-18-2002 04:03 AM

It works
 
If you are using iptables, then for whichever port you want to block, try this command.

iptables -I FORWARD -p tcp -s [Your Network]/[Subnet Mask] --destination-port [Port or Port Range] -j DROP


__Karunesh__

:Pengy:

furquan 02-18-2002 04:09 AM

Thank you very much for the reply. Could you also help me with this problem?

I have used ACL statements on the Linux proxy to block websites.
The clients are Windows 2k Prof. Now, when in the Connections tab I specify "Automatic detect connection", it bypasses the proxy ACL statements and lets users see the restricted site.

But when I uncheck this option and specify the proxy IP and port 8080, then it works fine. So could anyone help me with the problem: how can I totally restrict access no matter what changes the user makes?

karunesh 02-18-2002 09:51 PM

Using SQUID?
 
I think you are using the SQUID web cache-proxy on your Linux box.
So you can run SQUID in Transparent Proxy Mode. After that you don't need to put the proxy address and port in your browser's settings.

Simply redirect all traffic for port 80 towards your proxy port.

iptables -t nat -I PREROUTING -p tcp --src [Your Network]/[Subnet Mask] --dest 0/0 --destination-port 80 -j REDIRECT --to-port [Your Proxy Port]

:Pengy:

furquan 02-19-2002 01:28 AM

Thanks Karunesh

Yes, I am using Squid. Could you also guide me as to where I place this iptables statement (I mean the path), because I am still getting my hands on Linux?

Thanks

karunesh 02-19-2002 06:31 AM

Using iptables
 
If you are using Linux kernel 2.4, then you can use iptables.
Look in /sbin/iptables.

:Pengy:

furquan 02-20-2002 10:47 PM

Yeah Karunesh,

I am using kernel ver. 2.4, but when I open the file /sbin/iptables
it shows me junk characters. I can't figure a word out of it.

What's the next step that I should do?

thanks

unSpawn 02-21-2002 01:02 AM

No, /sbin/iptables is the binary for managing firewall rules.
If you installed iptables using some form of package management it usually comes with some form of example, and that would be in /etc. For clues look in /etc/(rc.d/)init.d for a file called iptables or firewall or the like, it should say what config file it's using.
Else you could make your own executable script in /etc/(rc.d/)init.d, and link it to the runlevel you have networking in (3 and up, not 6), just look in those dirs for examples.
Else you could tack it onto /etc/(rc.d/)rc.local.

karunesh 02-21-2002 06:23 AM

EASY
 
Put all your iptables rules in a file and save it in /etc. Then make this file executable with the chmod command. Now call this executable from /etc/rc.local.

:Pengy:
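
One way to write the rules file the last two posts describe, combining the FORWARD drop rule and the port-80 redirect from earlier in the thread. This is an added example, not code posted by anyone in the thread; the client network, the blocked ports and the function names are constructed sample values, and the `-C` duplicate check assumes a current iptables release.

```shell
#!/bin/sh
# Added example (not from the thread). Save under /etc, chmod +x, and call
# it from /etc/rc.local as the posts describe. Sample values are constructed.
LAN="${LAN:-192.168.1.0/24}"             # constructed sample client network
PROXY_PORT="${PROXY_PORT:-8080}"         # proxy port named in the thread
BLOCK_PORTS="${BLOCK_PORTS:-6667 5190}"  # constructed sample ports to block
IPT="${IPT:-/sbin/iptables}"
DRY_RUN="${DRY_RUN:-1}"                  # 1 = print commands, 0 = apply them

# Accept a single port (1-65535) or a low:high range, reject anything else.
valid_port() {
    case "$1" in
        ''|*[!0-9:]*|*:*:*|:*|*:) return 1 ;;
    esac
    for p in $(echo "$1" | tr ':' ' '); do
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
    done
}

# Insert a rule only when an identical one is not already loaded (-C check),
# so running the script twice does not stack duplicate rules.
apply() {  # usage: apply <table> <chain> <rule-spec...>
    table=$1; shift
    if [ "$DRY_RUN" = 1 ]; then
        echo "$IPT -t $table -I $*"
    elif ! "$IPT" -t "$table" -C "$@" 2>/dev/null; then
        "$IPT" -t "$table" -I "$@"
    fi
}

load_rules() {
    for port in $BLOCK_PORTS; do
        valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
        # Drop forwarded client traffic to the blocked port(s).
        apply filter FORWARD -p tcp -s "$LAN" --dport "$port" -j DROP
    done
    case "$PROXY_PORT" in *:*) echo "bad proxy port" >&2; return 1 ;; esac
    valid_port "$PROXY_PORT" || { echo "bad proxy port" >&2; return 1; }
    # Send client web traffic to the local proxy whatever the browser is set to.
    apply nat PREROUTING -p tcp -s "$LAN" --dport 80 -j REDIRECT \
        --to-ports "$PROXY_PORT"
}

load_rules
```

With `DRY_RUN=1` (the default here) the script only prints the commands it would run; set `DRY_RUN=0` and run it as root to load the rules.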


All times are GMT -5.