It's more simple deny the messenger's port. try the follow rule: /sbin/iptables -t filter -A FORWARD -p tcp --dport 1863:1864 -j DROP by this way, the client is disabled for auth process in MSN servers, and you can say bye-bye to this cancer... :-) [] On Fri, 2006-11-03 at 09:35 -0400, Charles Lacroix wrote: > won't that iptables command block some legit traffic ? like a google search or > something ? > > I remember blocking msn messenger with iptables and squid proxy, it was > reliable but kinda heavy if you want to run only a firewall. > > Recompiling a kernel once is alright but if you have to do it on every update > it can get time consuming :) > > anyways good luck. > > > On Friday 03 November 2006 06:37, Adriano Frare wrote: > > Dear Friends, > > > > I installed CENTOS 4.4 on server. > > > > I need DROP MSN Messenger using IPTABLES, I created the rule below. > > > > $IPTABLES -A INPUT -p tcp -m string --string "x-msn-messenger" -j DROP > > > > > > > > But, When I run IPTABLES, I have received follow error: > > > > DROP -> MSN Messenger > > iptables v1.2.11: Couldn't load match > > `string':/lib/iptables/libipt_string.so: cannot open shared object file: > > No such file or directory > > > > > > Where DO I find library libipt_string ? > > > > > > > > Thanks for help. > > > > > > Adriano Frare > > _______________________________________________ > > CentOS mailing list > > CentOS at centos.org > > http://lists.centos.org/mailman/listinfo/centos >