Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME 7.x Contribs
  4. Topic: msn proxy
« previous next »
Pages: [1]   Go Down

msn proxy

  • 4 Replies
  • 2443 Views

Offline Normando

  • *
  • 841
  • +2/-1
    • Unixlan
msn proxy
« on: December 07, 2009, 04:18:07 PM »
Hello

I want to run msn-proxy http://sourceforge.net/projects/msn-proxy to capture msn traffic. I have installed msn-proxy without problems, but I don't know how to configure the firewall to block or redirect the 1863 port. Or I can't understand correctly what is need it (block port or redirect)

This is a copy from the INSTALL file
Quote
Now the proxy should be ready to run, just redirect the msn clients to
the proxy (all connections to the port 1863 should be redirect at your
gateway / firewall).

You need to block http connections from msn client (the client first try to
connect on 1863 port and after some fail it will try the http method).

The most effective way to do this is through a web proxy (squid).

I was read http://wiki.contribs.org/Firewall#Block_outgoing_ports

Any help will be appreciate.
« Last Edit: December 07, 2009, 04:24:13 PM by Normando »
Logged

Offline Normando

  • *
  • 841
  • +2/-1
    • Unixlan
Re: msn proxy
« Reply #1 on: December 07, 2009, 04:22:32 PM »
Me again

If I understood ok, there are to things to do:

1 - Redirect outgoing port 1863 to localhost (192.168.0.1:1863)
2 - Block http connections from msn
Logged

Offline mmccarn

  • *
  • 2,651
  • +10/-0
Re: msn proxy
« Reply #2 on: December 08, 2009, 01:45:09 PM »
Quote from: Normando link=topic=45218.msg219183#msg219183
1 - Redirect outgoing port 1863 to localhost (192.168.0.1:1863)
Take a look at /etc/e-smith/templates/etc/rc.d/init.d/masq/35transproxy and
/etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustTransProxy to see how the transparent proxies for Squid and SMTP are set up and maintained.

35transproxy sets up the iptables rules, 90adjustTransProxy inserts the actual values for your WAN IP, and applies changes if your WAN IP changes (in case you have a dynamic IP)

You will need to do something similar for port 1863.

Quote from: Normando link=topic=45218.msg219183#msg219183
2 - Block http connections from msn
I don't think you can block http connections from msn - I think you need to block http connection to msn.  However, if your SME transparent proxy is enabled you'll have to do this with squidguard or dansguardian.

Since the instructions you reference for blocking outgoing ports do *not* block any traffic between your LAN clients and your SME server your users would still be able to get to msn on port 80 by way of the SME proxy.

I found this KB at Microsoft listing the URLs you will need to block (either in squidguard or in dansguardian): http://support.microsoft.com/kb/927847


Logged

Offline Normando

  • *
  • 841
  • +2/-1
    • Unixlan
Re: msn proxy
« Reply #3 on: December 08, 2009, 04:41:52 PM »
I will investigate those templates. If I get good results, I will back with a contrib :-)

Thanks for the help mmccarn
Logged

Offline hu3b11b7

  • 1
  • +0/-0
Re: msn proxy
« Reply #4 on: November 16, 2011, 07:38:19 PM »
hi


does anyone know the proper answer to this problem, I am facing with it no, not too much lluck

thanks

Now the proxy should be ready to run, just redirect the msn clients to
the proxy (all connections to the port 1863 should be redirect at your
gateway / firewall).

You need to block http connections from msn client (the client first try to
connect on 1863 port and after some fail it will try the http method).

The most effective way to do this is through a web proxy (squid).
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME 7.x Contribs
  4. Topic: msn proxy