Trying to block Yahoo! Messenger & MSN Messenger without disallowing
connections to TCP ports 443 & 563 or blocking Yahoo! Mail and HotMail in
squid v2.5 stable1.
Following is the interesting part in squid.conf:
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
In the access log, I see the following:
1046394571.141 9423 127.0.0.1 TCP_MISS/200 2755 CONNECT
loginnet.passport.com:443 - DIRECT/65.54.228.253 -
1045515709.636 12619 127.0.0.1 TCP_MISS/200 15952 CONNECT
login.yahoo.com:443 - DIRECT/64.58.76.98 -
My guess is the Messengers would connect through any open port, but I have
not tested it.
Obviously, both are working. Blocking access to port 443 is out of the
question as this disables access to secure web sites through squid. Blocking
loginnet.passport.com and login.yahoo.com would mean login becomes
impossible to HotMail and Yahoo! Mail.
Any ideas on how to "surgically" block the Messengers without blocking
Yahoo! Mail and HotMail in squid?
TIA
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:52 MST