[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Stop yahoo messenger
Hi Techs,
Any idea on how to block yahoo messenger using Packet Filter.
I tried blocking cs.yahoo.com scsa.yahoo.com and also port 5050 but couldn't
stop yahoo from getting out of the packet filter.
One more thing i have noticed is PF is matching only the first IP
address of cs.yahoo.com and scsa.yahoo.com instead of all the IP address they
resolve.
Thanks
jagadish
Here is the rules i am using to block yahoo and other messengers.
--------------------------------------------------------------------
$DefProto="{ tcp, udp }"
# Target cs.yahoo.com
Yahoo_Messenger_Host1="{ 216.136.226.208/32, 216.136.233.128/32,
216.136.233.129/32 }"
# Target scsa.yahoo.com
Yahoo_Messenger_Host2="{ 216.136.175.144/32, 216.136.225.12/32,
216.136.227.168/32, 216.136.224.213/32, \
216.136.175.142/32, 216.136.175.143/32, 216.136.233.132/32,
216.136.224.214/32, 216.136.225.11/32 }"
# Blocking Yahoo Messenger Services.
block out log quick from any to $Yahoo_Messenger_Host1
block out log quick from any to $Yahoo_Messenger_Host2
block in log quick from $Yahoo_Messenger_Host1 to any
block in log quick from $Yahoo_Messenger_Host2 to any
# http://www.venkydude.com/articles/yahoo.htm
block out log quick inet proto $DefProto from any to any port = 5050
block in log quick inet proto $DefProto from any to any port = 5050
# Block ICQ/AIM traffic
block out log quick inet proto $DefProto from any to any port = 5190
block in log quick inet proto $DefProto from any to any port = 5190
# Block MSN Messenger services
# http://messenger.msn.com/support/firewall.asp
block out log quick inet proto $DefProto from any to any port = 1863
block in log quick inet proto $DefProto from any to any port = 1863