Re: blocking msn

On Thu, 2004-12-23 at 10:13, Askar wrote:
> Hey, here is a quick question: let's suppose I drop MSN with the rule below
> 
> #iptables -A FORWARD -p tcp --dport 1863 -j DROP
> 
> but it's not enough; if 1863 is blocked, it tries to use port 80.
> 
> Any workaround?
> regards

the "proper" way to do this, is to block "--dport 1863" in your firewall
rules, and also REDIRECT port 80 traffic to a transparent HTTP proxy
(like squid), and use ACLs in the proxy to block access to:

  http://gateway.messenger.hotmail.com/gateway/gateway.dll

if you want to do this with just IP filtering, you could try blocking
port 80 access to 207.46.104.20, which is what that FQDN currently
resolves to--but this solution is kludgey and requires that you keep up
with the IP address(es) constantly.

-j

--
"I have been shot eight times this year, and as a result, I almost
 missed work."
	--The Simpsons
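
The three steps described in the reply above (drop port 1863, REDIRECT port 80 to a transparent proxy, deny the gateway URL in the proxy), as an added example that is not part of the original message. The interface name `eth1`, proxy port 3128, the ACL name `msn_gateway` and the `intercept` keyword (Squid 3.1 and later; older releases differ) are assumptions; the script only prints the commands unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example, not from the original thread.
LAN_IF="${LAN_IF:-eth1}"          # assumed: LAN-facing interface of the gateway
PROXY_PORT="${PROXY_PORT:-3128}"  # assumed: port where Squid listens for intercepted HTTP
MSN_PORT=1863                     # from the post
MSN_GATEWAY_URL='http://gateway.messenger.hotmail.com/gateway/gateway.dll'  # from the post

# Dry run by default: print each command. Set APPLY=1 (as root) to execute it.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Steps 1 and 2: drop native MSN traffic, then steer LAN web traffic to the proxy.
firewall_rules() {
    # Same rule as in the quoted question.
    run iptables -A FORWARD -p tcp --dport "$MSN_PORT" -j DROP
    # REDIRECT lives in the nat table; -i limits it to clients behind the LAN interface.
    run iptables -t nat -A PREROUTING -i "$LAN_IF" -p tcp --dport 80 \
        -j REDIRECT --to-ports "$PROXY_PORT"
}

# Step 3: squid.conf lines that deny the HTTP fallback gateway.
# The deny line must appear before any "http_access allow" that matches the clients.
squid_acl() {
    # Escape the dots so url_regex matches the host and file name literally.
    pattern=$(printf '%s' "$MSN_GATEWAY_URL" | sed 's/\./\\./g')
    cat <<EOF
http_port $PROXY_PORT intercept
acl msn_gateway url_regex -i ^$pattern
http_access deny msn_gateway
EOF
}

firewall_rules
squid_acl
```

Because the proxy matches on the request URL, this keeps working when the address behind the FQDN changes, which is the maintenance problem the reply points out for the IP-only rule.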


