Veritech : Network Technology + Innovation

  • Increase font size
  • Default font size
  • Decrease font size
  • default color
  • black color
Home Endian FAQs How to block skype?

How to block skype?

Thursday, 04 December 2008 11:00
E-mail Print PDF
Skype is a special case because the very nature of the Skype protocol is to effectively circumvent firewall blocks. Skype searches a way to connect to it's services by using different protocols/ports. So there is no simple way to toggle off skype without limiting also other services.
However, there is 1 possibility to block it:

  1. enable the outgoing firewall and allow only the ports you really need, so skype cannot use it's normal ports to access its services and will tunnel through HTTPS instead.
  2. enable the http proxy in transparent mode, so skype need to use the proxy.
  3. block url's containing ip addresses instead of hostnames (example: http://10.1.1.1/test)
The last step is not implemented within the GUI of Endian firewall. You can configure it manually doing this:

  1. edit /var/efw/proxy/custom-acl.conf using

    nano /var/efw/proxy/custom-acl.conf
  2. add the following:

    ----------------------- snip ----------------------------------
    acl numeric_IPs url_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
    http_access deny CONNECT numeric_IPs all
    ----------------------- snip ----------------------------------
  3. restart the http proxy

From now on you cannot connect anymore to url's containing ip addresses. But this is the only way to effectively block skype.
< Prev   Next >
Last Updated ( Friday, 09 January 2009 02:07 )  

Try Before you buy!

Endian online demo

Login Form

Newsletter


Please register to the site before you can sign for a list.
No account yet? Register