How is it possible to block yahoo messenger using iptables? The new version of yahoo messenger seems to be using IP address from a large range of IP addresses and I also could not figure out a fixed port ...
Quote:
Originally Posted by doshiaj
Instead of trying to block out an IP range, block the port that it uses, 5050 I think....
I think that it's something like
su
iptables -A OUTPUT -p tcp --dport 5050 -j REJECT
something like that, or if ya wanna just block the IPs I believe you can do something like block the IP range of 207.*.*.*
Maybe that will give ya some ideas?
I thought of blocking through the port as well, but I could not get a fixed port ...
I tried blocking port 5050, but it still gets connected .... I've got a utility which shows the remote IP and remote port for individual processes (active ports running on Windows); it showed the remote port as 23 (might not be feasible to block), but I still blocked both port 5050 and port 23, and still it gets connected .... and this time the active ports utility cannot detect the remote IP and remote port :(
I think it doesn't use a fixed port ...
http://help.yahoo.com/help/us/mesg/use/use-17.html
This is where I got that info from.......
Hi,
By using the following script we can block all messengers. Allow whichever ports you want.
This will block all range of 192.168.0.0/24
iptables -A INPUT -s 192.168.1.0/24 -j DROP -p tcp -i eth0
iptables -A INPUT -s 192.168.1.0/24 -j DROP -p udp -i eth0
#allow only http traffic
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 80
#allow only https traffic
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 443
#allow only mail imap
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 143
#allow only mail smtp
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 25
#allow only mail pop3
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 110
#allow only RDP
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 3389
#allow only VNC
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 5900
#allow only VNC through web
iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 5800
Please let me know if you have any doubts regarding this.
regards.
Rajesh A.
I tried many solutions found on the forums. Finally, after many tests, I found the solution that works:
# iptables -A OUTPUT -p TCP -d 0/0 -dport 5050 -j REJECT
This will block all TCP packets to [ANY IP] having destination port 5050. Simple and efficient ... works well on my Fedora Core 6 Internet Gateway. Yahoo uses many servers for backup, and it's difficult to find them all, but all use the same port to connect ... 5050 is the default port for messaging/chat.
I hope this helps you.
Are you sure the user can't change the default port??
Quote:
Originally Posted by deyanar
A little fix, the command becomes:
Code:
iptables -A OUTPUT -p TCP -d 0/0 --dport 5050 -j REJECT
That's it! And the command will run properly without the "multiple -d flags not allowed" message. ;)
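Added example, not part of any post in this thread: a small Python model of first-match rule evaluation that replays the -A/-I commands posted above and compares the single-port REJECT with the allowlist script for ports 5050 and 23. The client address 192.168.1.10 and the default ACCEPT chain policy are assumptions, the allowlist is shortened to three ports, and only -p, -s and --dport are modelled.

```python
import ipaddress
import shlex

# Rule sets copied from the thread (the allowlist is shortened to three ports).
SINGLE_PORT = ["iptables -A OUTPUT -p TCP -d 0/0 --dport 5050 -j REJECT"]
ALLOWLIST = [
    "iptables -A INPUT -s 192.168.1.0/24 -j DROP -p tcp -i eth0",
    "iptables -A INPUT -s 192.168.1.0/24 -j DROP -p udp -i eth0",
    "iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 80",
    "iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 443",
    "iptables -I INPUT -s 192.168.1.0/24 -j ACCEPT -p tcp -i eth0 --dport 25",
]

def build_chain(commands, chain):
    """Replay the commands: -A appends, -I (no index) inserts at the head."""
    rules = []
    for cmd in commands:
        args = shlex.split(cmd)[1:]               # drop the "iptables" word
        opts = dict(zip(args[0::2], args[1::2]))  # every flag used here takes one value
        op = "-I" if "-I" in opts else "-A"
        if opts.get(op) != chain:
            continue
        rule = (opts.get("-p", "all").lower(), opts.get("-s"),
                opts.get("--dport"), opts["-j"])
        if op == "-I":
            rules.insert(0, rule)
        else:
            rules.append(rule)
    return rules

def verdict(rules, proto, src, dport, policy="ACCEPT"):
    """First matching rule wins; otherwise the chain policy (assumed ACCEPT)."""
    for r_proto, r_src, r_dport, target in rules:
        if r_proto not in ("all", proto):
            continue
        if r_src and ipaddress.ip_address(src) not in ipaddress.ip_network(r_src):
            continue
        if r_dport and int(r_dport) != dport:
            continue
        return target
    return policy

if __name__ == "__main__":
    client = "192.168.1.10"  # constructed LAN client address (assumption)
    for name, cmds, chain in (("single-port", SINGLE_PORT, "OUTPUT"),
                              ("allowlist", ALLOWLIST, "INPUT")):
        rules = build_chain(cmds, chain)
        for port in (5050, 23, 443):
            print(name, port, verdict(rules, "tcp", client, port))
```

On a routing gateway, traffic forwarded for LAN clients traverses the FORWARD chain rather than INPUT or OUTPUT, so rules meant to filter those clients have to sit in FORWARD.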