Roland Roland wrote:
i have the following config set to allow msn messenger to connect
through my squid.
acl msnport port 1863
http_access allow connect msnport
http_access allow msnport
i have a security breach where one of the users may be using port 1863
to reach a paid proxy that he acquired.
is there a way to allow port 1863 to only work with msn messenger
destinations? i've already denied access to that domain and warned the
user but i want a more permanent solution
the simplest way possible is to do an AND access rule with msn's domains
but there's a vast list of domains that should be added and i dont have
them all..
so is there another way ?
PS: i'm using ADIUM client to connect to msn so when using msn's mime
type its not working not sure why...
Port 1863 does not go through Squid. It's the native MSN protocol port.
MSN is capable of using port 80 properly for Squid to control if port
1863 is locked down.
These are the rules we know about for controlling port 80 MSN access
with Squid:
http://wiki.squid-cache.org/ConfigExamples/Chat/MsnMessenger
Amos
--
Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21
Current Beta Squid 3.1.0.15
