Block gmail chat/gtalk using squid proxy

This document presumes that you have SQUID PROXY server installed, configured and running.

Google Talk or Gtalk can work in 2 ways on a system (thats i know, till now).

First, web-based i.e whenever we open GMAIL in browser.
Secondly, by Installing GTALK (or any third party application) on a system.
Both works in different ways.

Case 1:

In my first scenario, i want to block GTALK through browser while still be able to access GMAIL, from my browser.
This scenario can be accomplished using squid, just define a new ACL for squid.

1. Open up your squid configuration file.
   # vi /etc/squid/squid.conf
2. Make/define a new acl for gtalk ( squid recommends a particular area in conf file for defining custom acl’s, please adhere)
   acl gtalk url_regex -i ^http:////mail.google.com/mail/channel/bind
3. Block this acl using
   “http_access”.http_access deny gtalk
4. save and exit the conf file.
5. Signal Squid to “reload” the configuration file.
   # /etc/init.d/squid reload

Case 2:

Blocking Gtalk application (i.e when Gtalk is installed on a system)

In this case, your squid logs shows a entry like this:
“CONNECT talk.google.com:443” [User-Agent: Google Talk\r\nHost: talk.google.com\r\nContent-Length: 0\r\nProxy-Connection: Keep-Alive\r\n] [-]

Lets assume all of your system’s traffic is passing through SQUID.

1. Open up squid configuration file.
   # vi /etc/squid/squid.conf
2. Make/define a new acl for gtalk ( squid recommends a particular area in conf file for defining custom acl’s, please adhere)
   acl gtalk req_header User-Agent -i “google talk”
   or
   acl gtalk req_header Host talk.google.com
3. Block this ACL
   http_access deny gtalk
4. save and quit the squid configuration file.
   :wq (press enter)
5. Signal Squid to “reload” configuration file.
   # /etc/init.d/squid reload
6. Verification

Try to login into gtalk. You will not be able to login now.