Skype - impossible to block…



  • I have a problem with Skype blocking. In pfSense 1.2.3 this was possible with Snort, now in 2.0.1 it does not work.
    Snort detects Skype login and block destination IP, but it is too late, Skype can login just fine:

    Blocked
    78.141.179.13
    PUA-P2P Skype client login startup - 09/12-14:10:00
    PUA-P2P Skype client login - 09/12-14:10:00

    Blocked
    78.141.179.17
    PUA-P2P Skype client login startup - 09/12-14:32:15
    PUA-P2P Skype client login - 09/12-14:32:15

    Blocked
    78.141.179.11
    PUA-P2P Skype client login startup - 09/12-14:41:58
    PUA-P2P Skype client login - 09/12-14:41:59

    If I set Snort to block src and dst IP it works, but all traffic from workstation with skype is blocked and this is not a good idea. Layer 7 rule do not work too.

    Can someone help me with this problem?



  • On my tests, block 443 worked fine.



  • I have a problem with Skype blocking.

    I don't and I am using pfSense 2.0.1 and Snort 2.9.2.3 pkg v. 2.5.1. Either you enable the rules in pua-p2p, or use the default ET set of rules.


Locked