[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2788
  • Last Modified:

Blocking Gtalk

Dear Experts
I would like to know is there any way to block gtalk through squid proxy? bcos gtalk can be access through gmail, I dont like to block gmail but i would like to block gtalk part.
0
ranadastidar
Asked:
ranadastidar
  • 2
1 Solution
 
cozminskyCommented:
There should be a way to do this. Although you'd have to find out the specific URL's that are involved. I'd suggest maybe using the http live headers plugin for firefox and see what requests are made when using the Chat component of Google's web chat and then disabling these URLs via an ACL.
0
 
ranadastidarAuthor Commented:
U r wrong cozminsky, if i block that url then no one can access gmail
0
 
Gabriel OrozcoSolution ArchitectCommented:
you can block talk.google.com:

iptables -A PREROUTING -t nat -d talk.google.com -j DROP
iptables -A PREROUTING -t nat -p tcp --dport 5222 -j DROP

more than this level would require squid to allow https to gmail.google.com, but block it for all other .google.com sites.

and the best tool to block is layer7 filtering protocol:
http://l7-filter.sourceforge.net/
0
 
cozminskyCommented:
Okay, I sat down and looked at it for 15 minutes. I found the URL. You'll need to put the following lines in squid. If you're using a different proxy then you'll need to change this.

acl gtalk url_regex -i ^http://mail.google.com/mail/channel/bind.*$

http_access deny gtalk

Once those two lines are added to the relevant sections the gtalk section will come up as:

We're experiencing technical difficulties that may prevent your chats from being sent, along with the login screen cycling continuously.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now