Yahoo Messenger Blocking/Unblocking through IPTables
 

We have Linux Box working as Gateway .... Now I want to block some users from using yahoo/msn/aol messenger and I also want to give access of so to some users........

Now what I wanna know is how to do so using SOLE IPTables.......???

The answer is: yes and no.

Yes: you can accomplish this with iptables using the l7-filter module. Then institute matches to your layer-7 protocols with iptables rules, and drop packets originating from selected IP addresses or other criteria.

No: you probably shouldn’t as l7-filter was designed to let you throttle such traffic, not drop it. There are always false positives, so legitimate traffic may be dropped. Besides, it is not really a security measure since anyone with half a brain will be able to bypass it.