Date: Mon, 11 Sep 2006 13:34:58 +0200 From: Greg Armer <wiqd@codelounge.org> To: freebsd-pf@freebsd.org Subject: Block Skype with PF Message-ID: <20060911113458.GA10659@gentoo>
next in thread | raw e-mail | index | archive | help
Good day list, I was just wondering if any of you have a running 'receipe' using PF that can block Skype. What I have found out is the following: - Skype picks a random port to use when it is installed - It can switch over to port 80 / 443 if a firewall is too restrictive - It appears UDP ports above 1024 are used aswell So what I was thinking of doing is blocking all outgoing UDP above port 1024, and trying to identify and block the port 80 / 442 traffic with squid and a transparent proxy. Does anyone have any better solutions to this which do not involve expensive layer 7 inspection hardware ? Many thanks for your comments / ideas. Regards, -- Greg Armer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060911113458.GA10659>