How to block msn messenger

  • Hello Dear All,

    I need block msn messenger on local area.I research on

    I block 1863 port and msn access to 80,443 ...
    I use squid proxy server, add to "Custom Options" on

    acl msn url_regex -i gateway.dll;acl msnd dstdomain;;acl msn1 req_mime_type ^application/x-msn-messenger$;http_access deny msnd;http_access deny msn;http_access deny msn1;

    but dont block msn. My squid.conf attach in meail.
    How to block msn messenger with pfsense.


    Do not edit manually !

    http_port transparent
    icp_port 0

    pid_filename /var/run/
    cache_effective_user proxy
    cache_effective_group proxy
    error_directory /usr/local/etc/squid/errors/Turkish
    icon_directory /usr/local/etc/squid/icons
    visible_hostname localhost
    cache_mgr admin@localhost
    access_log /var/squid/log/access.log
    cache_log /var/squid/log/cache.log
    cache_store_log none
    shutdown_lifetime 3 seconds

    Allow local network(s) on interface(s)

    acl localnet src
    uri_whitespace strip

    cache_dir aufs /var/squid/cache 100 16 256
    cache_mem 8 MB
    maximum_object_size 10 KB
    minimum_object_size 0 KB
    cache_replacement_policy heap LFUDA
    memory_replacement_policy heap GDSF
    offline_mode off
    dns_children 32

    No redirector configured

    Setup some default acls

    acl all src
    acl localhost src
    acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901  3128 1025-65535
    acl sslports port 443 563
    acl manager proto cache_object
    acl purge method PURGE
    acl connect method CONNECT
    acl dynamic urlpath_regex cgi-bin ?
    acl blacklist dstdom_regex -i "/var/squid/acl/blacklist.acl"
    cache deny dynamic
    http_access allow manager localhost

    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !safeports
    http_access deny CONNECT !sslports

    Always allow localhost connections

    http_access allow localhost

    request_body_max_size 0 KB
    reply_body_max_size 0 allow all
    delay_pools 1
    delay_class 1 2
    delay_parameters 1 -1/-1 -1/-1
    delay_initial_bucket_level 100
    delay_access 1 allow all

    Block access to blacklist domains

    http_access deny blacklist

    Allow local network(s) on interface(s)

    http_access allow localnet

    Custom options

    acl msn url_regex -i gateway.dll
    acl msnd dstdomain
    acl msn1 req_mime_type ^application/x-msn-messenger$
    http_access deny msnd
    http_access deny msn
    http_access deny msn1

    Default block all to be sure

    http_access deny all

  • "I block 1863 port and msn access to 80,443 …
    I use squid proxy server, add to "Custom Options" on"

    why you block 80,443? I think you need that ports in your pfsense. Try use Aliases or Firewall Rule and check outbound inbound.

    Davao City

  • Also, msn has a lot of ports. They use https also i guess

    Davao City

Log in to reply