Topic: Block ICQ Port

[Jon Cweson]

I'm trying to block ports.  And nobody can give me a good answer.

I know how to do the templates-custom thing... and I know where to find masq.

But the ipchains thing has me scratching my head.


I want to stop the employees from using ICQ, AIM and other chat software on the LAN.

[Jon Cweson]

Hello?

[Jon Cweson]

/sbin/ipchains --append input -s 205.188.0.0/16   -j DENY
    /sbin/ipchains --append input -d 205.188.0.0/16    -j DENY

    /sbin/ipchains --append output -s 205.188.0.0/16    -j DENY
    /sbin/ipchains --append output -d 205.188.0.0/16    -j DENY


    /sbin/ipchains --append input -s 64.12.0.0/16   -j DENY
    /sbin/ipchains --append input -d 64.12.0.0/16    -j DENY

    /sbin/ipchains --append output -s 64.12.0.0/16    -j DENY
    /sbin/ipchains --append output -d 64.12.0.0/16    -j DENY


This is what I have so far.  Blocking the UDP port is a waste of time, because it keeps changing.

Those monkey-ass programmers at Mirabilis are worse than virus programmers.  I just can't stop it.

[Simeon]

To cut off ICQ for everyone, just comment out (prefix with '#") the loading of the ICQ masquerade module in /etc/rc.d/init.d/masq (and in its template).

[Jon Cweson]

Thanks.  That's a very good idea.