Rules for Skype
-
Hi all,
I am using pfSense as NAT and proxy server.
There are some specific computers that should have their Skype access blocked. I tried with L7 but it doesn't work. I add the Skype rules there then test creating a firewall rule for a specific IP and the L7 rule. Still able to connect.Some people suggested to use Snort. But the tutorials I found look different, as they show pfSense 1.2 and I am using 2.0.
Can anybody help me?
Thanks,
V. -
Hi all,
I am using pfSense as NAT and proxy server.
There are some specific computers that should have their Skype access blocked. I tried with L7 but it doesn't work. I add the Skype rules there then test creating a firewall rule for a specific IP and the L7 rule. Still able to connect.Some people suggested to use Snort. But the tutorials I found look different, as they show pfSense 1.2 and I am using 2.0.
Can anybody help me?
Thanks,
V.I needed no rules to get Skype work, including video chat, so I don't think it's rooted from pf.
-
I think you didn't understand.
I was asking for rules to block Skype.
-
It's hard to block Skype.
Your best bets would be:
- L7
- if feasible in your setup, you could try blocking all ports except 80,443 then fwd that traffic to Squid, and do something like this http://wiki.squid-cache.org/ConfigExamples/Chat/Skype
- Snort
-
Get all CIDR of skype, create alias and put all the ips, create alias for skype's ports..After done editing your alias, go to firewall LAN create a rule to reject cidr and ports of skype. Hope this help.
jigp
-
Read this article was very helpful to u ;D
http://www.carbonwind.net/Firewalls/BlockingSkypewithPfsenseandSnort/BlockingSkypewithPfsenseandSnort.htm
-
You can restrict navigation by ip address and skype won't connect ;D
I have this at work…