Monday, September 6, 2010
11:04 AM

How to block Messenger (Yahoo, Trillian, Skype , MSN , ICQ, Gizmo, AOL) using squid

AOL Instant Messenger (AIM)
Note: AOL are known to change their Server IPs. The list below cannot be confirmed.
# AOL
acl aol dst 64.12.200.89/32 64.12.161.153/32 64.12.161.185/32
acl aol dst 205.188.153.121/32 205.188.179.233/32
http_access deny aol
Gizmo Project:
Gizmo Project include software to connect to a wide range of messaging protocols and VoIP services.
# Gizmo Project
acl gizmo dstdomain .gizmoproject.com
# Gizmo VoIP
acl gizmo dstdomain .talqer.com .gizmocall.com .fring.com
# Gizmo Chat
acl gizmo dstdomain .pidgin.im
http_access deny gizmo
ICQ ("I Seek You")
# ICQ
acl icq dstdomain .icq.com
http_access deny icq
MSN Messenger and Windows Live Messenger
# MSN Messenger
acl msn urlpath_regex -i gateway.dll
acl msnd dstdomain messenger.msn.com gateway.messenger.hotmail.com
acl msn1 req_mime_type application/x-msn-messenger

http_access deny msnd
http_access deny msn
http_access deny msn1
Skype
# Skype
acl numeric_IPs dstdom_regex ^(([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|(\[([0-9af]+)?:([0-9af:]+)?:([0-9af]+)?\])):443
acl Skype_UA browser ^skype^

http_access deny numeric_IPS
http_access deny Skype_UA
Note: Recent releases of Skype have been evading the above restriction by not sending their User-Agent headers and using domain names. The following can be used to catch those installs, but be aware it will likely also catch other agents.
acl validUserAgent browser \S+
http_access deny !validUserAgent
Trillian
# Trillian
acl trillian dst 66.216.70.167/32
http_access deny trillian
Yahoo! Messenger
# Yahoo! Messenger
acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com
acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com
acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com
acl ym dstdomain .voice.yahoo.com

acl ymregex url_regex yupdater.yim ymsgr myspaceim

# Other protocols Yahoo!Messenger uses ??
acl ym dstdomain .skype.com .imvu.com

http_access deny ym
http_access deny ymregex

0 comments:

Post a Comment