[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Stop yahoo messenger

To: "Jolan Luff" <jolan@encryptedemail.net>
Subject: Re: Stop yahoo messenger
From: "Jagadish" <jag@qsupport.com>
Date: Sat, 4 May 2002 12:20:01 +0530
Cc: <tech@openbsd.org>

am trying to block yahoo for Win98 SE clients.
The rule set i have attached blocks Yahoo on Windows 2000 professional
Wonder why it is not working for win98.

I tried flushing the rules 'pfctl -F rules' and loaded the rules again no
luck!.
Am not keeping state.

jagadish

-----Original Message-----
From: Jolan Luff [mailto:jolan@encryptedemail.net]
Sent: Saturday, May 04, 2002 12:08 PM
To: Jagadish
Subject: RE: Stop yahoo messenger


it should match, yeah..

the rule i sent you works fine for me to block aim.

are you keeping state? are there connections in the state table to aim?

disconnect from all the services, flush the state table, and then try to
reconnect


"A man of genius makes no mistakes. His errors are volitional
and are the portals of discovery." -- James Joyce

On Sat, 4 May 2002, Jagadish wrote:

> Did that!!  no luck.
> But if you don't specify the Interface it should match all right ??
>
> jagadish
>
> -----Original Message-----
> From: Jolan Luff [mailto:jolan@encryptedemail.net]
> Sent: Saturday, May 04, 2002 11:46 AM
> To: Jagadish
> Subject: Re: Stop yahoo messenger
>
>
> you have to specify the external interface to block the packets on.
>
> for instance:
>
> #block out on fxp0 proto tcp from any to any port = 5190
> #block in on fxp0 proto tcp from any to any port = 5190
>
>
> -jolan
>
>
> "A man of genius makes no mistakes. His errors are volitional
> and are the portals of discovery." -- James Joyce
>
> On Sat, 4 May 2002, Jagadish wrote:
>
> > Hi Techs,
> > 	Any idea on how to block yahoo messenger using Packet Filter.
> > I tried blocking cs.yahoo.com scsa.yahoo.com and also port 5050 but
> couldn't
> > stop yahoo from getting out of the packet filter.
> >      One more thing i have noticed is PF is matching only the first IP
> > address of cs.yahoo.com and scsa.yahoo.com instead of all the IP address
> they
> > resolve.
> >
> > Thanks
> > jagadish
> >
> >
> > Here is the rules i am using to block yahoo and other messengers.
> > --------------------------------------------------------------------
> > $DefProto="{ tcp, udp }"
> >
> > # Target cs.yahoo.com
> > Yahoo_Messenger_Host1="{ 216.136.226.208/32, 216.136.233.128/32,
> > 216.136.233.129/32 }"
> >
> > # Target scsa.yahoo.com
> > Yahoo_Messenger_Host2="{  216.136.175.144/32, 216.136.225.12/32,
> > 216.136.227.168/32, 216.136.224.213/32, \
> > 216.136.175.142/32, 216.136.175.143/32, 216.136.233.132/32,
> > 216.136.224.214/32, 216.136.225.11/32 }"
> >
> > # Blocking Yahoo  Messenger Services.
> > block out log quick from any to $Yahoo_Messenger_Host1
> > block out log quick from any to $Yahoo_Messenger_Host2
> > block in log quick from $Yahoo_Messenger_Host1 to any
> > block in log quick from $Yahoo_Messenger_Host2 to any
> >
> > # http://www.venkydude.com/articles/yahoo.htm
> > block out log quick inet proto $DefProto from any to any port = 5050
> > block in  log quick inet proto $DefProto from any to any port = 5050
> >
> > # Block ICQ/AIM traffic
> > block out log quick inet proto $DefProto from any to any port = 5190
> > block in  log quick inet proto $DefProto from any to any port = 5190
> >
> > # Block MSN Messenger services
> > # http://messenger.msn.com/support/firewall.asp
> > block out log quick inet proto $DefProto from any to any port = 1863
> > block in  log quick inet proto $DefProto from any to any port = 1863

Prev by Date: Re: Stop yahoo messenger
Next by Date: sparc64 ipv6 query???
Prev by thread: Re: Stop yahoo messenger
Next by thread: sparc64 ipv6 query???
Index(es):
- Date
- Thread