[KLUG Members] choice of i-filter/firewall/squid box

[Bert]

Rusty Yonkers wrote:

>>I ran into something regarding this that I thought was pretty cool.
>>With pattern matching, you should be able to actually stop a lot of the
>>messenger services.
>>    
>>

I use a redirector to block some sites. I have the redirector_program pointing to a perl script. I think you can stop messenger services in
this way too.
See the following script:

#!/usr/bin/perl

$| = 1;
while (<>) {
@X = split;
$url = $X[0];
$wie = $X[1];

if ($wie =~ /10\.2\.3\.4/) {
print "$url\n";
}
elsif ($url =~ /\.msn\./) {
#print "302: $url\n";
print "http://www.eindhovensdagblad.nl\n";
}
elsif ($url =~ /\.hotmail\./) {
print "http://www.dse.nl\n";
}
else {
print "$url\n";
}
}

user with ip-adres 10.2.3.4 has unlimited access. And any other finds it url matched against msn and hotmail. Any url which has msn in it is send
to a local newspaper (eindhovensdagblad) while hotmail is redirected to 'dse'.
I you don't want to block, you can also use 'sleep 2'; this is slow enough to disencourage usage of msn...
Most likely you can find a pattern in $url defining a messenger action.
You can block it then with a reply of "302: $url"; no access.

If someone tries this, please drop me a mail what pattern is succesful.
Thanks

Bert