Solved

How to Block GTalk Messenger?

Posted on 2008-11-01
4
1,322 Views
Last Modified: 2013-12-06
We have a Squid Server Version 2.6 running on a Fedora Core 7 Box. I need to block the Gtalk Messenger on the network.

Please Help...... Thanks
0
Comment
Question by:efg-uae
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Deepak Kosaraju
Comment Utility
It will be hard to block the web gtalk unless you also block gmail from the banned sites. For gtalk client just block the port gtalk runs under (5223).
Add the following in Squid...
http_access deny blocked ports
acl blocked_ports port 5223 5222

0
 
LVL 14

Expert Comment

by:Deepak Kosaraju
Comment Utility
you can block talk.google.com using iptables.

iptables -A PREROUTING -t nat -d talk.google.com -j DROP
iptables -A PREROUTING -t nat -p tcp --dport 5222 -j DROP

more than this level would require squid to allow https to gmail.google.com, but block it for all other .google.com sites.

and the best tool to block is layer7 filtering protocol:
http://l7-filter.sourceforge.net/
Gud luck
0
 
LVL 7

Author Comment

by:efg-uae
Comment Utility
I dont want to use the ipTables. as i need to manage its access for some users. not for all.
I need solution in Squid only.
0
 
LVL 7

Accepted Solution

by:
efg-uae earned 0 total points
Comment Utility
I am done.
I used Wireshark to track the all IPs. and then blocked all IP's by IPTables.
Following is the list of IPs. and I have Make a Exclusion for some of my MAC Addresses. so that some users who are allowed for Gtalk can use it.
 

iptables -A PREROUTING -t nat -m mac --mac-source xx:xx:xx:xx:xx:xx -j ACCEPT

iptables -A PREROUTING -t nat -d talk.google.com -j DROP
iptables -A PREROUTING -t nat -p tcp --dport 5222 -j DROP
iptables -A PREROUTING -t nat -d 209.85.163.125 -j DROP
iptables -A PREROUTING -t nat -d 72.14.205.189 -j DROP
iptables -A PREROUTING -t nat -d 216.239.51.125 -j DROP
iptables -A PREROUTING -t nat -d 209.85.201.125 -j DROP
iptables -A PREROUTING -t nat -d 74.125.77.103 -j DROP
iptables -A PREROUTING -t nat -d 72.14.235.125 -j DROP
iptables -A PREROUTING -t nat -d 72.14.253.125 -j DROP
 For me it works very fine. and Gtalk was unable to connect.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

In order for businesses to be compliant with certain information security laws in some countries, you need to be able to prove that a user (which user it was becomes important to the business to take action against the user after an event has occurr…
In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now