[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

BLOCK MSN MESSENGER

Posted on 2004-11-02
6
Medium Priority
?
778 Views
Last Modified: 2008-01-09
Hello Experts.

I have a user wich IP is 192.168.0.12 and gateway 192.168.0.4. I want block MSN Messenger for this user. I have a Gateway server (it does NAT 192.168.0.0/24 to 63.245.101.5). I'm using linux redhat 9.0. External interface (INTERNET) is eth0, internal is eth1 (LAN). I tried putting this in my FIREWALL script, just testing, but it doesn't block anything:

iptables -A FORWARD -p TCP --dport 1863 -j REJECT
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT

How can i do, using iptables, to block MSN messenger for this specific user.???

Thanx.

0
Comment
Question by:rbraym
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 4

Expert Comment

by:bytta
ID: 12476674
MSN messenger uses port 80 (http port) if the usual ports are not available.

So unless you want to block all web access - this is a tough question...
0
 

Author Comment

by:rbraym
ID: 12476734
Thanks but i found the solution!!

I just put these lines in my FIREWALL script and it worked!!

iptables -t filter -A FORWARD -s 0.0.0.0/0 -d 0.0.0.0/0 -p tcp --sport 1863 -j ACCEPT
iptables -t filter -I FORWARD -s 0.0.0.0/0 -d 192.168.0.12/255.255.255.255 -p tcp --sport 1863 -j DROP
iptables -A FORWARD -s 192.168.0.12 -d messenger.hotmail.com -j DROP

Thanks anyway.. i hope this help another one.

RBrayM
0
 
LVL 4

Expert Comment

by:bytta
ID: 12477688
I only replied so I can get access to the answer from "My Account"... Thanks.

This is just one of many drawbacks of having a central server instead of local ones, like jabber.

0
 
LVL 5

Expert Comment

by:paranoidcookie
ID: 12491912
OK what I do to block messanger is to run a cache server (squid) and a program called dans gaurdian which does content blocking. You can hen use dansgaurdian to block chat servers.
I use iptables to run squid in transparent proxy mode so there is no client configuration and no way around the proxy.

Take a look at

http://www.squid-cache.org
http://dansguardian.org/

As a bonus using a proxy will speed up your interent connection!
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 16238615
PAQed with points refunded (80)

CetusMOD
Community Support Moderator
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question