Block gmail chat/gtalk using squid proxy
This document presumes that you have SQUID PROXY server installed, configured and running.
Google Talk or Gtalk can work in 2 ways on a system (thats i know, till now).
First, web-based i.e whenever we open GMAIL in browser.
Secondly, by Installing GTALK (or any third party application) on a system.
Both works in different ways.
Case 1:
In my first scenario, i want to block GTALK through browser while still be able to access GMAIL, from my browser.
This scenario can be accomplished using squid, just define a new ACL for squid.
- Open up your squid configuration file.
# vi /etc/squid/squid.conf - Make/define a new acl for gtalk ( squid recommends a particular area in conf file for defining custom acl’s, please adhere)
acl gtalk url_regex -i ^http:////mail.google.com/mail/channel/bind - Block this acl using
“http_access”.http_access deny gtalk - save and exit the conf file.
- Signal Squid to “reload” the configuration file.
# /etc/init.d/squid reload
Case 2:
Blocking Gtalk application (i.e when Gtalk is installed on a system)
In this case, your squid logs shows a entry like this:
“CONNECT talk.google.com:443” [User-Agent: Google Talk\r\nHost: talk.google.com\r\nContent-Length: 0\r\nProxy-Connection: Keep-Alive\r\n] [-]
Lets assume all of your system’s traffic is passing through SQUID.
- Open up squid configuration file.
# vi /etc/squid/squid.conf - Make/define a new acl for gtalk ( squid recommends a particular area in conf file for defining custom acl’s, please adhere)
acl gtalk req_header User-Agent -i “google talk”
or
acl gtalk req_header Host talk.google.com - Block this ACL
http_access deny gtalk - save and quit the squid configuration file.
:wq (press enter) - Signal Squid to “reload” configuration file.
# /etc/init.d/squid reload - Verification
Try to login into gtalk. You will not be able to login now.
If you enjoyed this post, make sure you subscribe to my RSS feed!!!!