Filter yahoo messenger

I am using FreeBSD 4.9 as a routing/web/mail (pop3) server

I want to filter all clients that are using Yahoo Messenger.
All the solutions that I could find with Google are useless.

I even tried to filter all ports from 500 to 65500 and no use, Yahoo Messenger
still connects.

I found a doc. that explains that filtering a certain IP addres from the authentification server
will stop users from using YM but the solution never worked. I filtered entire IP classes that I collected
using netstat -n or trafshow. No use.

Please tell me a solution, with ipfw rules if it's possible.
Please test te solution, because it's higly iprobable that it will work.

My outside interface it's fxp0 using IP
    inside interface it's rl0 using IP

ports 21, 22, 25, 80, 110, 445, 1526 and 3389 MUST remain open to all connections.

Much apreciated
LVL 11
Who is Participating?
GhitzaConnect With a Mentor Commented:
Did you try to ask yahoo to assist you with this ?
A friend of mine had the same problem and he contacted yahoo helper and they sent him a specific script (destinated to his specific version of FreeBSD) that must be executed and the script generates some list with the IP's of the servers currently used by yahoo messenger , IP's and ports that must be added to your firewall.
And he must keep in touch with the helpers because yahoo keeps updating the list of servers that they use.
So I suggest that you write to the yahoo helper (it's in your contacts list), and ask them to assist you, and I am sure that they will. And they will send you the version of the script that suits your FreeBSD version.

Good luck
As far as i know, Yahoo messenger uses the standard HTTP port 80 to connect to the system. You should probably employ firewall at your server. Almost all firewalls give you packet-filtering can block TCP packets going to the yahoo server.

Messenger can proxy via port 80, so if you have other web traffic, it would be tricky to separate.
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

calinutzAuthor Commented:
I know that...
That's why I have a problem. I thought you experts could help me solve this.
Hanno P.S.IT Consultant and Infrastructure ArchitectCommented:
Depending on your firewall you can filter "on application-type": I've done this
with Check Point firewall successfully -- but don't know what firewall you could
The problem ist that the HTTP traffic on port 80 has to be examined more
deeply than just with "packet filtering" standards
calinutzAuthor Commented:
I have ipfw firewall.
Can you help me with this problem?
calinutzAuthor Commented:
I wonder how come I did not think of that in the first place... contact yahoo helper... it was allways in front of me
Thanks a lot man. You deserve the points. I was going to ask for a refund of my points for this question these days but you made my day.
Thanks again
Chiar ca meriti punctele
All Courses

From novice to tech pro — start learning today.