This below URL says how to block msn masanger with squid. http://blogs.techrepublic.com.com/networking/?p=308 On Feb 12, 2008 12:27 PM, Ashok Gautam(gashok) <gashok@xxxxxxxxxxxx> wrote: > Dear Jörg, > I tried to block port but msn try its default port and lastly it try for > port 80 so blocking port does not work at all. > > I tried below at my rule in iptables: > msn_port_block="6891:6901 1863 1590 5050 5150 8000 5101 1638 15001 1644 > 5000 1614 1677 1455 1071 1074 8001 1073" > for port_block in $msn_port_block > { > $FORWARD -p tcp --dport $port_block -j DROP > $FORWARD -p udp --dport $port_block -j DROP > } > > But my friend msn and yahoo msn uses port 80 at last if it don't find > any its default port open so as I heard we can block it by knowing the > traffic pattern of msn and yahoo messenger. > Doing above I get a result that signing msn will take longer time to > sign in any way it gets sign in. > > regards, > Ashok Gautam > > > Jörg Hoffmann wrote: > > Hi, > > > > A good way should be banning the port-range via iptables > > So you can even block tunnels which might allow every other application to > > leave your network > > > > Otherwise you can add acls to squid to block such ports. In the advanced > > configuration manual is a hint how to do this. > > > > Greetings > > Jörg H. > > > > -----Ursprüngliche Nachricht----- > > Von: Ashok Gautam(gashok) [mailto:gashok@xxxxxxxxxxxx] > > Gesendet: Dienstag, 12. Februar 2008 07:01 > > An: squid-users@xxxxxxxxxxxxxxx > > Betreff: Blocking MSN, YAHOO and other messenger clients > > > > > Dear all, > > Currently I am managing linux box having squid and other network with > > 60+ nodes in a organization. But now the requirement came that to block > > MSN, YAHOO, GOOGLETALK, and other remaining messenger clients. > > > > Please show me the way how to block all the messengers this might be > > already done by one of you friends. > > > > Thanks in advance!! > > > > regards, > > Ashok Gautam > > > > > > > > > -- Thank you Indunil Jayasooriya