Humm, won't msn fall back to http protocol? On Friday 03 November 2006 09:43, Rafael Azenha Aquini wrote: > It's more simple deny the messenger's port. try the follow rule: > > /sbin/iptables -t filter -A FORWARD -p tcp --dport 1863:1864 -j DROP > > by this way, the client is disabled for auth process in MSN servers, and > you can say bye-bye to this cancer... :-) > > [] > > On Fri, 2006-11-03 at 09:35 -0400, Charles Lacroix wrote: > > won't that iptables command block some legit traffic ? like a google > > search or something ? > > > > I remember blocking msn messenger with iptables and squid proxy, it was > > reliable but kinda heavy if you want to run only a firewall. > > > > Recompiling a kernel once is alright but if you have to do it on every > > update it can get time consuming :) > > > > anyways good luck. > > > > On Friday 03 November 2006 06:37, Adriano Frare wrote: > > > Dear Friends, > > > > > > I installed CENTOS 4.4 on server. > > > > > > I need DROP MSN Messenger using IPTABLES, I created the rule below. > > > > > > $IPTABLES -A INPUT -p tcp -m string --string "x-msn-messenger" -j DROP > > > > > > > > > > > > But, When I run IPTABLES, I have received follow error: > > > > > > DROP -> MSN Messenger > > > iptables v1.2.11: Couldn't load match > > > `string':/lib/iptables/libipt_string.so: cannot open shared object > > > file: No such file or directory > > > > > > > > > Where DO I find library libipt_string ? > > > > > > > > > > > > Thanks for help. > > > > > > > > > Adriano Frare > > > _______________________________________________ > > > CentOS mailing list > > > CentOS at centos.org > > > http://lists.centos.org/mailman/listinfo/centos > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos -- Charles Lacroix, Administrateur UNIX. Service des télécommunications et des technologies Cégep de Sainte-Foy (418) 659-6600 # 4266