Re: [squid-users] block chat

From: Matus UHLAR - fantomas <uhlar@dont-contact.us>
Date: Wed, 2 Apr 2008 15:32:57 +0200

> click007 wrote:
> >i m setting up squid proxy to block gtalk & msn, etc...
> >i found through internet to block port 5223 & 5222 for gtalk
> >i tried to block by acl block_port 5223 5222 but it didnt block
> >
> >plz guide me to block these chat
> >thansks

On 02.04.08 22:04, Amos Jeffries wrote:
> Most chat programs have their own chat Protocol which is _NOT_ HTTP
> Protocol.
>
> You have to block them at the firewall first and only if they start
> using the proxy do you need to block them in squid.

squid only can do something when those are tunelled through squid via
CONNECT requests or accessed via squid using HTTP (not HTTPS) protocol.
That would require building a list of sites, hosts and ports and mainting
it.

Otherwise, you need content inspector, which hopefully can do detect
what protocol is used.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!
Received on Wed Apr 02 2008 - 07:33:02 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT