Solved

How to Block GTalk Messenger?

Posted on 2008-11-01
4
1,326 Views
Last Modified: 2013-12-06
We have a Squid Server Version 2.6 running on a Fedora Core 7 Box. I need to block the Gtalk Messenger on the network.

Please Help...... Thanks
0
Comment
Question by:efg-uae
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Deepak Kosaraju
ID: 22860403
It will be hard to block the web gtalk unless you also block gmail from the banned sites. For gtalk client just block the port gtalk runs under (5223).
Add the following in Squid...
http_access deny blocked ports
acl blocked_ports port 5223 5222

0
 
LVL 14

Expert Comment

by:Deepak Kosaraju
ID: 22860410
you can block talk.google.com using iptables.

iptables -A PREROUTING -t nat -d talk.google.com -j DROP
iptables -A PREROUTING -t nat -p tcp --dport 5222 -j DROP

more than this level would require squid to allow https to gmail.google.com, but block it for all other .google.com sites.

and the best tool to block is layer7 filtering protocol:
http://l7-filter.sourceforge.net/
Gud luck
0
 
LVL 7

Author Comment

by:efg-uae
ID: 22860424
I dont want to use the ipTables. as i need to manage its access for some users. not for all.
I need solution in Squid only.
0
 
LVL 7

Accepted Solution

by:
efg-uae earned 0 total points
ID: 22860616
I am done.
I used Wireshark to track the all IPs. and then blocked all IP's by IPTables.
Following is the list of IPs. and I have Make a Exclusion for some of my MAC Addresses. so that some users who are allowed for Gtalk can use it.
 

iptables -A PREROUTING -t nat -m mac --mac-source xx:xx:xx:xx:xx:xx -j ACCEPT

iptables -A PREROUTING -t nat -d talk.google.com -j DROP
iptables -A PREROUTING -t nat -p tcp --dport 5222 -j DROP
iptables -A PREROUTING -t nat -d 209.85.163.125 -j DROP
iptables -A PREROUTING -t nat -d 72.14.205.189 -j DROP
iptables -A PREROUTING -t nat -d 216.239.51.125 -j DROP
iptables -A PREROUTING -t nat -d 209.85.201.125 -j DROP
iptables -A PREROUTING -t nat -d 74.125.77.103 -j DROP
iptables -A PREROUTING -t nat -d 72.14.235.125 -j DROP
iptables -A PREROUTING -t nat -d 72.14.253.125 -j DROP
 For me it works very fine. and Gtalk was unable to connect.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how to create custom bootable image of Centos 7.2 4 126
CentOS User Audit 3 88
DRBD HA between 2 VM guests, between 2 vSphere nodes. 4 102
mobaxterm not able to change directory 28 207
This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question