issue completly solved. here is the scenario: 1. we connect to the internet through ISP proxy and thats why i couldnt block any thing when i start - sloved by running squid. 2. googling for MSN messenger port result on tcp:1863 but that was 3ala elfade bala mo2a`7theh - have no idea why. - solved by blocking login.live.com but there is a side effect, hotmail blocked too.
Mr. Ziad thanx for the link. next issue : allow hotmail. On 3/10/07, Zaid Amireh <[EMAIL PROTECTED]> wrote: > > > I wouldnt go with port filtering, MSN can tunnel over 80, I would try > layer 7 filtering but I haven't touched that in about 3 years so I > wont be able to help much. > > http://l7-filter.sourceforge.net/ > > good luck, and please report back if you are successfull. > > cheers > > Zaid > > On 3/10/07, Ahmad alsane <[EMAIL PROTECTED] > wrote: > > issue solved. > > > > NOW, is it possible to block a range of ports ( am trying to block MSN > > messenger at work ) using iptables? > > iptables -A LAN -d 217.8.64.130 -p tcp --sport (1900-2000) -j DROP <-- > > like this > > > > regards > > > > On 3/10/07, Zaid Amireh <[EMAIL PROTECTED]> wrote: > > > > > > > > http://netfilter.org/documentation/HOWTO//NAT-HOWTO-4.html#ss4.1 > > > > > > hope it helps ;) > > > > > > Zaid > > > > > > On 3/10/07, Ahmad alsane <[EMAIL PROTECTED]> wrote: > > > > hi all, > > > > i have a LAN ( 192.168.1.0/255.255.255.0) and DSL modem (speed touch > > 585i). > > > > am trying to install Linux firewall with iptables. > > > > > > > > LAN ( 192.168.1.0 ) --> FW ( 192.168.1.3) --> DSL modem ( > 192.168.1.254) > > ---> > > > > WAN > > > > > > > > i setl box gateway on LAN to 192.168.1.3 and the FW gateway to > > 192.168.1.254 > > > > and i can get into WAN from that box. > > > > but what ever iptables rule i set, nothing blocked. > > > > > > > > please point me if i had somthing wrong with my scheme > > > > -- > > > > REGARDS. > > > > Ahmad S. Alsane > > > > OAK CPA > > > > KSA - Jeddah > > > > +966 55 701 3494 > > > > > > > > > > > > > > > > > > -- > > > --------------------------- > > > Netiquette -> http://www.dtcc.edu/cs/rfc1855.html > > > Netiquette Nazi -> > > > > > http://redwing.hutman.net/%7Emreed/warriorshtm/netiquettenazi.htm > > > --------------------------- > > > > > > > > > > > > > > > > -- > --------------------------- > Netiquette -> http://www.dtcc.edu/cs/rfc1855.html > Netiquette Nazi -> > http://redwing.hutman.net/%7Emreed/warriorshtm/netiquettenazi.htm > --------------------------- > > > > -- REGARDS. Ahmad S. Alsane OAK CPA KSA - Jeddah +966 55 701 3494 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Jolug" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Jolug?hl=en-GB -~----------~----~----~----~------~----~------~--~---
