Find the answer to your Linux question:
Results 1 to 8 of 8
How is it possible to block yahoo messenger using iptables? The new version of yahoo messenger seems to be using IP address from a large range of IP addresses and ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2004
    Posts
    6

    block yahoo messenger


    How is it possible to block yahoo messenger using iptables? The new version of yahoo messenger seems to be using IP address from a large range of IP addresses and I also could not figure out a fixed port ...

  2. #2
    Just Joined!
    Join Date
    Sep 2004
    Location
    vacaville, ca
    Posts
    34

    Re: block yahoo messenger

    Quote Originally Posted by doshiaj
    How is it possible to block yahoo messenger using iptables? The new version of yahoo messenger seems to be using IP address from a large range of IP addresses and I also could not figure out a fixed port ...
    instead of trying to block out a iprange block the port that it uses 5050 i thinks....

    i think that its something like
    su
    iptables -p 5050 reject

    something like that or if ya wanna just block the ips i belive u can do something like block the iprange of 207.*.*.*
    maybe that will give ya some idears?

  3. #3
    Just Joined!
    Join Date
    Jun 2004
    Posts
    6
    I thought of blocking thru port as well, but I cud not get a fix port ...

    I tried blocking 5050 port, but it still gets connected .... I've got a utility which shows the remote IP and remote port for individual processes ( active ports running on windows ), it showed remote port as 23 (might not be feasible to block), but I still blocked both 5050 and 23 port, still it gets connected .... and this time the active ports utility cannot detect remote IP and remote port

    I think it doesn't use a fixed port ...

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Sep 2004
    Location
    vacaville, ca
    Posts
    34
    http://help.yahoo.com/help/us/mesg/use/use-17.html
    this is where i got the info from that.......

  6. #5
    Just Joined!
    Join Date
    Oct 2006
    Posts
    3

    block messenger

    hi,

    by using the following script we can block all messengers. Allow which ports you want.
    This will block all range of 192.168.0.0/24
    iptables -A INPUT -s 192.168.1.0/24 -j DROP -p tcp -i eth0
    iptables -A INPUT -s 192.168.1.0/24 -j DROP -p udp -i eth0
    #allow only http traffic
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 80
    #allow only https traffic
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 443
    #allow only mail imap
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 143
    #allow only mail smtp
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 25
    #allow only mail pop3
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 110
    #allow only RDP
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 3389
    #allow only VNC
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 5900
    #allow only VNC through web
    iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 5800

    Please let me know if you have any doubts regarding this.
    regards.
    Rajesh A.

  7. #6
    Just Joined! deyanar's Avatar
    Join Date
    May 2006
    Posts
    1

    Cool How To Block Yahoo Messenger WITH IPTABLES

    I tryied many solutions found on the forums. Finally, after many tests I Found the solution who work:

    # iptables -A OUTPUT -p TCP -d 0/0 -dport 5050 -j REJECT

    This will block all tcp packets to [ANY IP] having destination port 5050. Simple and eficient ... works well on my Fedora Core 6 Internet Gateway. Yahoo uses many servers for backup, and it's dificult to find all, but all uses same port to connect ... 5050 it's default port for messaging/chat.

    I hope to help U this

  8. #7
    Linux Guru Juan Pablo's Avatar
    Join Date
    Mar 2006
    Location
    /home/south_america/ecuador/quito
    Posts
    2,064
    Are you sure the user can't change the default port??
    Put your hand in an oven for a minute and it will be like an hour, sit beside a beautiful woman for an hour and it will be like a minute, that is relativity. --Albert Einstein
    Linux User #425940

    Don't PM me with questions, instead post in the forums

  9. #8
    Just Joined!
    Join Date
    Apr 2007
    Location
    Medan, Indonesia
    Posts
    1

    Arrow

    Quote Originally Posted by deyanar
    I tryied many solutions found on the forums. Finally, after many tests I Found the solution who work:

    # iptables -A OUTPUT -p TCP -d 0/0 -dport 5050 -j REJECT

    This will block all tcp packets to [ANY IP] having destination port 5050...
    A little fix, the command becomes:
    Code:
    iptables -A OUTPUT -p TCP -d 0/0 --dport 5050 -j REJECT
    that's it! and the command will run properly without "multiple -d flags not allowed" message.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •