rbraym
asked on
BLOCK MSN MESSENGER
Hello Experts.
I have a user wich IP is 192.168.0.12 and gateway 192.168.0.4. I want block MSN Messenger for this user. I have a Gateway server (it does NAT 192.168.0.0/24 to 63.245.101.5). I'm using linux redhat 9.0. External interface (INTERNET) is eth0, internal is eth1 (LAN). I tried putting this in my FIREWALL script, just testing, but it doesn't block anything:
iptables -A FORWARD -p TCP --dport 1863 -j REJECT
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT
How can i do, using iptables, to block MSN messenger for this specific user.???
Thanx.
I have a user wich IP is 192.168.0.12 and gateway 192.168.0.4. I want block MSN Messenger for this user. I have a Gateway server (it does NAT 192.168.0.0/24 to 63.245.101.5). I'm using linux redhat 9.0. External interface (INTERNET) is eth0, internal is eth1 (LAN). I tried putting this in my FIREWALL script, just testing, but it doesn't block anything:
iptables -A FORWARD -p TCP --dport 1863 -j REJECT
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT
How can i do, using iptables, to block MSN messenger for this specific user.???
Thanx.
ASKER
Thanks but i found the solution!!
I just put these lines in my FIREWALL script and it worked!!
iptables -t filter -A FORWARD -s 0.0.0.0/0 -d 0.0.0.0/0 -p tcp --sport 1863 -j ACCEPT
iptables -t filter -I FORWARD -s 0.0.0.0/0 -d 192.168.0.12/255.255.255.2 55 -p tcp --sport 1863 -j DROP
iptables -A FORWARD -s 192.168.0.12 -d messenger.hotmail.com -j DROP
Thanks anyway.. i hope this help another one.
RBrayM
I just put these lines in my FIREWALL script and it worked!!
iptables -t filter -A FORWARD -s 0.0.0.0/0 -d 0.0.0.0/0 -p tcp --sport 1863 -j ACCEPT
iptables -t filter -I FORWARD -s 0.0.0.0/0 -d 192.168.0.12/255.255.255.2
iptables -A FORWARD -s 192.168.0.12 -d messenger.hotmail.com -j DROP
Thanks anyway.. i hope this help another one.
RBrayM
I only replied so I can get access to the answer from "My Account"... Thanks.
This is just one of many drawbacks of having a central server instead of local ones, like jabber.
This is just one of many drawbacks of having a central server instead of local ones, like jabber.
OK what I do to block messanger is to run a cache server (squid) and a program called dans gaurdian which does content blocking. You can hen use dansgaurdian to block chat servers.
I use iptables to run squid in transparent proxy mode so there is no client configuration and no way around the proxy.
Take a look at
http://www.squid-cache.org
http://dansguardian.org/
As a bonus using a proxy will speed up your interent connection!
I use iptables to run squid in transparent proxy mode so there is no client configuration and no way around the proxy.
Take a look at
http://www.squid-cache.org
http://dansguardian.org/
As a bonus using a proxy will speed up your interent connection!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
So unless you want to block all web access - this is a tough question...