More infos about the "biggest botnet ever" and why it is hard to block or shape: http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf
Holger > -----Original Message----- > From: Holger Bauer > Sent: Tuesday, March 21, 2006 11:45 AM > To: support@pfsense.com > Subject: RE: [pfSense Support] Skype traffic priorization > > > http://www.secdev.org/conf/skype_BHEU06.handout.pdf holds > some nice information about the "evil" skype. Detailed > information on the packets start at page 9. > > Holger > > > -----Original Message----- > > From: Holger Bauer > > Sent: Monday, March 20, 2006 5:09 PM > > To: support@pfsense.com > > Subject: RE: [pfSense Support] Skype traffic priorization > > > > > > Skype is a bitch if it comes to shaping as it uses any > > available port IF available and each endpoint can have random > > incoming connection ports (the incoming port is > > configurable): http://www.skype.com/help/guides/firewall.html > > So there is nor real way to set priority for that kind of > > traffic based on ports (and it's hard to block that kind of > > traffic too because of that without using a proxy). I'm not > > sure if it places special TOS fields in the header but that > > would be your only way then. Try to ethereal the connection > > and check which flags are set and if they are different from > > other traffic like browsing, ftp and so on. Then use the flag > > options for the rules. > > > > You also might try to just run the traffic shaper and assign > > "prioritize voip" "default low delay" "32 kbit/s" (skype > > usually uses that amount of traffic). Then view your queues > > at status>queues and do a call. If you see traffic in the > > voipqueue you are done as this means that skype sets "low > > delay" flags. > > > > Holger > > > > -----Original Message----- > > From: Pedro Paulo de Magalhaes Oliveira Junior > > [mailto:[EMAIL PROTECTED] > > Sent: Monday, March 20, 2006 4:48 PM > > To: support@pfsense.com > > Subject: [pfSense Support] Skype traffic priorization > > > > > > Does anybody know how to priorize Skype traffic in pfsense QOS? > > > > ____________ > > Virus checked by G DATA AntiVirusKit > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > ____________ > Virus checked by G DATA AntiVirusKit > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > ____________ Virus checked by G DATA AntiVirusKit --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
