I am trying to block Yahoo and MSN in the office and need some help...
I have recently built a robust iptables firewall only allowing out requests that we really need (e.g. 80, 443, etc.), and theoretically this should do the job; however, Yahoo and MSN will go through on any port they can (including 80!).
So I have implemented a Squid proxy server with the hope of blocking the IPs and/or the domain names of the services.
The problem is that I have blocked EVERYTHING that I can think of, but the little horrors still get through.
This is what I have done so far, and everything APPEARS to be working. If I browse to the IP I have selected I get an error message, and the same with the websites, BUT MSN and Yahoo can still connect... Any ideas?
#############################
squid.conf
#############################
mum_object_size 200 KB
#This creates 5000 MB of disk space with 16 first-level subdirectories and 256 second-level subdirectories.
cache_dir ufs /usr/local/squid/var/cache 5000 16 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
#This is the redirect program which we will use to zap the ads.
#redirect_program /usr/local/adzap/scripts/wrapzap
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl MYDC src 192.168.0.0/255.255.255.0 #specify a name for your network
acl SSL_ports port 443 563
acl Safe_ports port 80 21 443 563 70 210 1025-65535
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# Banned sites and Services
acl bannedurls url_regex "/usr/local/squid/etc/url.txt"
acl bannedips dst "/usr/local/squid/etc/ip.txt"
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny bannedurls
http_access deny bannedips
http_access allow all
icp_access allow all
miss_access allow all
cache_mgr chris@leadingside.com.my
visible_hostname proxy.leadingside.com.my
unique_hostname proxy.leadingside.com.my
#We will run squid with accelerator on
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
http_port 3128
#############################
url.txt
#############################
.messenger.yahoo.com
.msg.yahoo.com
.scd.yahoo.com
.sc5.yahoo.com
webcam.yahoo.com
filetransfer.yahoo.com
#############################
#############################
ip.txt
#############################
64.4.13.0/24 #MSN Messenger
#############################
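
An added example, not part of the original post: a simplified Python model of how Squid walks the `http_access` lines above in order, using the ACL values from the posted squid.conf, url.txt and ip.txt, so each request can be traced to the rule that decides it. The request dictionaries, the `im.example.net` host and the 203.0.113.x / 198.51.100.x addresses are constructed placeholders, and DNS resolution is replaced by a supplied `dst` value.

```python
import ipaddress
import re

# Values copied from the squid.conf, url.txt and ip.txt shown in the post.
SAFE_PORTS = {21, 70, 80, 210, 280, 443, 488, 563, 591, 777} | set(range(1025, 65536))
SSL_PORTS = {443, 563}
BANNED_URLS = [re.compile(p) for p in (
    ".messenger.yahoo.com", ".msg.yahoo.com", ".scd.yahoo.com",
    ".sc5.yahoo.com", "webcam.yahoo.com", "filetransfer.yahoo.com")]
BANNED_NETS = [ipaddress.ip_network("64.4.13.0/24")]

# http_access lines from the post, in order. The two manager rules are left
# out because they only concern cache_object requests.
RULES = [("deny", ["!Safe_ports"]), ("deny", ["CONNECT", "!SSL_ports"]),
         ("deny", ["bannedurls"]), ("deny", ["bannedips"]), ("allow", ["all"])]

def acl_match(name, req):
    """Return True when the named ACL matches the request."""
    if name == "Safe_ports":
        return req["port"] in SAFE_PORTS
    if name == "SSL_ports":
        return req["port"] in SSL_PORTS
    if name == "CONNECT":
        return req["method"] == "CONNECT"
    if name == "bannedurls":   # url_regex: unanchored, case-sensitive search
        return any(p.search(req["url"]) for p in BANNED_URLS)
    if name == "bannedips":    # dst: destination address after DNS resolution
        return any(ipaddress.ip_address(req["dst"]) in n for n in BANNED_NETS)
    return name == "all"

def decide(req):
    """Return (action, rule) for the first line whose ACLs all match."""
    for action, acls in RULES:
        if all(acl_match(a.lstrip("!"), req) != a.startswith("!") for a in acls):
            return action, " ".join(acls)
    return "deny", "no match"  # opposite of the last line (allow)

# Constructed sample requests; hosts and addresses are placeholders.
SAMPLES = [
    {"method": "GET", "url": "http://webcam.yahoo.com/", "port": 80, "dst": "203.0.113.10"},
    {"method": "CONNECT", "url": "64.4.13.5:443", "port": 443, "dst": "64.4.13.5"},
    {"method": "CONNECT", "url": "im.example.net:5050", "port": 5050, "dst": "198.51.100.7"},
    {"method": "GET", "url": "http://im.example.net/", "port": 80, "dst": "198.51.100.7"},
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(r["method"], r["url"], "->", *decide(r))
```

The model covers only requests that actually reach Squid; traffic the firewall lets out directly never meets these rules.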