Re: how to filter applications with iptables

There are various ways to 'block' packets from unwanted apps. Some use
netfilter, some don't.

You can block mime types using a squid proxy.
You can block arbitrary strings in packets using the string match
support in the P-O-M for netfilter, e.g. -m string --string 'KAZAA'
Most applications use specific ports and protocols, so you could find a
combination of those and block the app that way, e.g. MSN messenger uses
TCP port 1863.
Some apps need to contact a central server, so blocking that server will
effectively disable the app, e.g. Yahoo messenger.

Regards

Ray

On Thu, 2003-06-26 at 10:03, Liber Chrétien wrote:
> Hello,
> I've been looking for some information but couldn't find any, so here it goes: I'm asking
> the list (excuse my technical English if I'm not clear enough).
> 
> I have a LAN at home with mdk as server and win and mdk on the clients.
> 
> My question is: is there a way to block certain applications, such as specific
> software (an office suite, for example), from accessing the internet with iptables?
> How can I identify the packets emitted by such applications and block them?
> 
> Thanks 
> 
> Bruno
> 
-- 
--
Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD  00EE 8757 EE47 F06F FB28
--
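
The three netfilter-side options from the reply above (port, string match, central server), written out as an added example that is not part of the original message. The FORWARD chain, the REJECT/DROP targets, the helper function names and the address 192.0.2.10 are assumptions made for illustration; the script only prints the rules unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the thread. Prints iptables rules for the three
# netfilter-side options in the reply; set APPLY=1 (as root, on the gateway)
# to install them as well.
# Assumptions: rules go in FORWARD, and 192.0.2.10 is a constructed
# placeholder for an application's central server.
IPT=iptables
APPLY="${APPLY:-0}"

# Print one rule; run it only when APPLY=1.
emit() {
    echo "$IPT $*"
    if [ "$APPLY" = "1" ]; then "$IPT" "$@"; fi
}

# Block by protocol and destination port (e.g. MSN Messenger, TCP 1863).
block_port() {
    case "$1" in tcp|udp) ;; *) echo "bad protocol: $1" >&2; return 1 ;; esac
    case "$2" in ''|*[!0-9]*) echo "bad port: $2" >&2; return 1 ;; esac
    if [ "$2" -lt 1 ] || [ "$2" -gt 65535 ]; then
        echo "port out of range: $2" >&2; return 1
    fi
    emit -A FORWARD -p "$1" --dport "$2" -j REJECT
}

# Block packets carrying a literal string. Current iptables needs --algo
# (bm or kmp); the patch-o-matic version quoted in the reply did not.
block_string() {
    if [ -z "$1" ]; then echo "empty pattern" >&2; return 1; fi
    emit -A FORWARD -m string --string "$1" --algo bm -j DROP
}

# Block the central server an application depends on (IPv4 address or CIDR).
block_server() {
    case "$1" in ''|*[!0-9./]*) echo "bad address: $1" >&2; return 1 ;; esac
    emit -A FORWARD -d "$1" -j REJECT
}

block_port tcp 1863
block_string KAZAA
block_server 192.0.2.10
```

The string match inspects each packet on its own, so it misses patterns split across packets and cannot see inside encrypted sessions.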
