Galera ja testei varios exemplos daqui do forum, e n acerto a bloquear o windows live messenger, ja tentei uns 50 tipos diferentes estou a uma semana tentando em nada segue abaixo minha ultima tentativa, lembrando q uso kurumun 7, o resto funciona tudo bloqueio de sites e ips liberados.
#####MEU SQUID#####
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 512 MB
maximum_object_size_in_memory 64 KB
maximum_object_size 16 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 512 16 256
# Arquivo onde são guardados os logs de acesso do Squid.
cache_access_log /var/log/squid/access.log
visible_hostname kurumin
# O e-mail que o Squid envia como senha ao acessar um servidor
# FTP anonimo:
ftp_user [email protected]
refresh_pattern ^ftp: 15 20% 2280
refresh_pattern ^gopher: 15 0% 2280
refresh_pattern . 15 20% 2280
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
acl livreip src "/etc/squid/liberados"
http_access allow livreip
acl travados url_regex -i "/etc/squid/bloqueados"
http_access deny travados
acl msnregex url_regex loginnet.passport.com login.live.com config.messenger.msn.com omega.contacts.msn.com
acl msndll url_regex -i gateway.dll sqmserver.dll
http_access deny msnregex
http_access deny msndll
#acl madrugada time 00:00-06:00
#http_access deny madrugada
#acl manha time 06:00-12:00
#http_access deny manha
#acl almoco time 12:00-14:00
#http_access deny almoco
#acl tarde time 14:00-19:00
#http_access deny tarde
#acl noite time 19:00-24:00
#http_access deny noite
acl redelocal src 192.168.1.0/24
http_access allow redelocal
#http_access deny all
http_access allow all
#####MEUS ARQUIVOS DE BLOQUEIO#####
www.orkut.com
orkut.com
playboy.com.br
## LISTA PARA BLOQUEIO DO MSN
200.177.97.157
207.46.111.54
207.46.111.54/gateway
207.46.113.220
207.46.108.51
207.68.178.239
65.212.92.104
65.50.10.6
65.212.92.111
64.58.88.113
ADSAdClient31.dll
login.live.com
spaces.live.com
passport.com
msn.com.br
msn.com
sc.msn.com
rad.msn.com
tp.msn.com
c.msn.com
msn.be
hp.msn.com
hpc.msn.com
hm.msn.com
#
stb.msn.com
stj.msn.com
mymsn.hotmail.com
ads1.msn.com
hotmail.msn.com
storage.msn.com
st.msn.com
tp.msn.com
stc.msn.com
#
msn_messenger
config.messenger.msn.com
media.meegos.com
messenger
gateway.dll
messenger.msn.com.br
http.msg.yahoo.com
nickname.msn.com.br
chat.msn.com
chat.msn.com.br
msgr.hotmail.com
gateway.messenger.hotmail.com
http1.msgr.hotmail.com
http2.msgr.hotmail.com
http3.msgr.hotmail.com
http4.msgr.hotmail.com
http5.msgr.hotmail.com
http6.msgr.hotmail.com
http7.msgr.hotmail.com
http8.msgr.hotmail.com
http9.msgr.hotmail.com
http10.msgr.hotmail.com
http11.msgr.hotmail.com
http12.msgr.hotmail.com
http13.msgr.hotmail.com
http14.msgr.hotmail.com
http15.msgr.hotmail.com
http16.msgr.hotmail.com
http17.msgr.hotmail.com
http18.msgr.hotmail.com
http19.msgr.hotmail.com
http20.msgr.hotmail.com
x-msn
#
## OUTROS LINKS PARA WEB-MESSENGER
#
meebo.com
65.19.140.246
ebuddy.com
193.238.160.62
msn2go.com
69.64.38.128
e-messenger.net
82.98.252.234
phonefox.com
85.184.4.3
193.238.162.21
msnger.com
216.32.66.234
torperkut.com
65.99.232.42
go.icq.com
64.12.164.120
wbmsn.net
212.227.34.3
bhi.com.br
messengerfx.com
#
## SERVIDORES PROXY
#
anonymouse.org
brianwatch.com
aliveproxy.com
#
## LISTA PARA BLOQUEIO DO ORKUT
#
orkut
orkut.com
www.orkut.com
72.14.209.86
www.orkat.com
72.14.209.85
okcut.com
64.69.68.141
calculatepie.com
www.orkut.com:443
#######MEU FIREWALL NO KURUMIN###################
#!/bin/bash
# Script de configuração do iptables gerado pelo configurador do Kurumin
# Este script pode ser usado em outras distribuições Linux que utilizam o Kernel 2.4 em diante
# Por Carlos E. Morimoto
firewall_start(){
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -s 192.168.0.10 -p tcp --dport 1863 -j DROP
iptabels -A FORWARD -s 192.168.0.10 -p tcp --dport 5190 -j DROP
iptables -A FORWARD -p tcp -s 192.168.0.10 -d gateway.dll -j DROP
iptables -t nat -A PREROUTING -i eth1 -d tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Ignora pings
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
# Proteção contra IP spoofing
echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
# Protege contra synflood
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
# Proteção contra ICMP Broadcasting
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
# Bloqueia traceroute
iptables -A INPUT -p udp --dport 33435:33525 -j DROP
# Proteções diversas contra portscanners, ping of death, ataques DoS, etc.
iptables -A INPUT -m state --state INVALID -j DROP
# Abre para a interface de loopback.
# Esta regra é essencial para o KDE e outros programas gráficos funcionarem adequadamente.
iptables -A INPUT -i lo -j ACCEPT
# Fecha as portas udp de 1 a 1024
iptables -A INPUT -p udp --dport 1:1024 -j DROP
iptables -A INPUT -p udp --dport 59229 -j DROP
#