From mboxrd@z Thu Jan 1 00:00:00 1970
From: "hare ram"
Subject: Re: Blocking file type by iptables?
Date: Mon, 25 Aug 2003 11:34:38 +0530
Sender: netfilter-admin@lists.netfilter.org
Message-ID: <001901c36ace$c5cc1780$c2bf09ca@Housecall>
References: <20030825055506.47437.qmail@web20709.mail.yahoo.com>
Reply-To: "hare ram"
To: ads nat, netfilter@lists.netfilter.org

Hi

Go to netfilter.org and you can find Patch-o-matic

hare

----- Original Message -----
From: ads nat
To: hare ram ; netfilter@lists.netfilter.org
Sent: Monday, August 25, 2003 11:25 AM
Subject: Re: Blocking file type by iptables?

Please tell me what is POM. I tried blocking url_regen from squid. It has blocked Kazaa sites but still users are able to download through search. I have just started learning iptables, totally new. But by going through the mail archive I think STRING blocking is similar to url_regen blocking in squid.

Thanks

hare ram <hareram@sol.net.in> wrote:

Hi

If you want to block Kazaa use STRING from POM, it will work great

hare

----- Original Message -----
From: ads nat
To: George Vieira ; netfilter@lists.netfilter.org
Sent: Monday, August 25, 2003 8:28 AM
Subject: RE: Blocking file type by iptables?

Even if you block all ports except 80, Kazaa manages to access through port 80. So I don't think this will work.

Thanks

George Vieira <georgev@citadelcomputer.com.au> wrote:

No because this is a bad idea. Not only does the CPU have a bad day going through every packet sniffing for file extensions, but also other innocent data can get blocked when it shouldn't be..

1. The only thing you can do is block all outgoing/incoming ports and allow only some (25,80)
2. Use transparent squid proxy to limit access and get it to use regex expressions on URLs you may also want to block.
3. Block any and all MSN/Kazaa/ICQ servers addresses

You could also setup a fake primary DNS domain like aol.com and icq.com and point to yourself... this is what I've done for ICQ to stop those damn ADs.. if the clients can't resolve the DNS for those domains then they also can't connect. But then they get smart and put a hosts file in their machine.. ;)

Thanks,
____________________________________________
George Vieira
Systems Manager
Citadel Computer Systems Pty Ltd
georgev AT citadelcomputer DOT com DOT au
Phone : +61 2 9955 2644   HelpDesk: +61 2 9955 2698
http://www.citadelcomputer.com.au

-----Original Message-----
From: ads nat [mailto:adsnat@yahoo.com]
Sent: Monday, August 25, 2003 2:22 AM
To: netfilter@lists.netfilter.org
Subject: Blocking file type by iptables?

Hi,
I have gone through mail archives to check whether can be blocked. I also checked the squid mailing list. But there is no definite solution to block Kazaa file downloads. I would like to know whether using iptables I can block a particular type of file. If I block .mpeg, .mp3 files through iptables then it does not matter from which site the file is coming. It will get blocked.
Any suggestion and solutions.
Thanks
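An added illustration of the trade-off George Vieira describes, written for this archive page and not taken from the thread, from patch-o-matic or from the netfilter project: the STRING match scans every packet payload for a bare substring, which both costs CPU on all traffic and fires on innocent data. The script below runs a plain substring check and a check anchored to the HTTP request line over a few constructed payloads (not real captures) and returns which payloads each one would block; the payload samples, function names and the chosen extension list are assumptions made for the example.

```python
"""
Payload substring matching versus request-line matching.

Added example for this mailing-list page, not code from the thread, from
patch-o-matic or from netfilter. It models in user space what a kernel
STRING match does (scan the whole payload) and contrasts it with a match
that only looks at an HTTP request line, to show the false positives a
bare ".mp3" pattern produces on ordinary traffic.
"""
import re

# Constructed sample payloads for the demonstration (not real captures).
PAYLOADS = [
    b"GET /music/track01.mp3 HTTP/1.1\r\nHost: example.net\r\n\r\n",      # real .mp3 request
    b"GET /index.html HTTP/1.1\r\nHost: example.net\r\n\r\n",             # harmless page
    b"POST /search HTTP/1.1\r\nHost: example.net\r\n\r\nq=how+to+play+.mp3+files",  # form text
    b"Subject: the .mp3 format explained\r\n\r\nplain mail body",        # SMTP, not HTTP
    b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1\x03\x03",                      # TLS fragment
]


def naive_substring_match(payload: bytes, pattern: bytes) -> bool:
    """What a plain STRING match does: look for the pattern anywhere in the payload."""
    return pattern in payload


# Request line of an HTTP/1.x request: METHOD SP target SP HTTP/1.x CRLF
HTTP_REQUEST_LINE = re.compile(rb"^(GET|POST|HEAD) (\S+) HTTP/1\.[01]\r\n")


def blocked_extension_request(payload: bytes, extensions) -> bool:
    """Fire only when the payload is an HTTP request whose path ends in a blocked extension."""
    match = HTTP_REQUEST_LINE.match(payload)
    if not match:
        return False
    # Strip any query string so "?x=.mp3" style suffixes are not counted.
    path = match.group(2).split(b"?", 1)[0].lower()
    return any(path.endswith(ext) for ext in extensions)


def compare(payloads=PAYLOADS, pattern=b".mp3"):
    """Return (naive_hits, precise_hits): indices of payloads each approach would block."""
    naive = [i for i, p in enumerate(payloads) if naive_substring_match(p, pattern)]
    precise = [i for i, p in enumerate(payloads) if blocked_extension_request(p, (pattern,))]
    return naive, precise


def bytes_scanned(payloads=PAYLOADS):
    """Rough CPU-cost comparison: bytes examined by each approach."""
    whole = sum(len(p) for p in payloads)
    # The anchored check stops at the end of the first line (or gives up at once).
    first_line = sum(len(p.split(b"\r\n", 1)[0]) for p in payloads)
    return whole, first_line


if __name__ == "__main__":
    naive, precise = compare()
    print("naive substring hits:  ", naive)    # the search form and the mail are false positives
    print("request-line hits:     ", precise)
    print("bytes scanned (all, first line only):", bytes_scanned())
```

Running it shows the bare pattern blocking the search form and the mail message alongside the real download, while the anchored check blocks only the request for `/music/track01.mp3`. The same limitation applies in the other direction: a download fetched over a port-80 channel that is not plain HTTP, or with a renamed file, matches neither check, which is why the thread's other suggestions (a transparent proxy with URL regexes, or restricting which ports and server addresses are reachable) are the more reliable controls.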