On 29/03/12 07:58, I.S.C. William wrote: > I have a transparent squid proxy, together with shorewall firewall > version 4.4.25.3, my question is .. > How I can block the Skype service to my local network, but without > having to block port 80 and 443 are used for other sites and services. > I had this rule: > > REJECT loc net udp 1024:65535 > REJECT loc net tcp 1024:65535 > > but it works already. > > There will be some way?
1. Make sure your loc2net policy is REJECT or DROP, block outbound 80 & 443 and require them to go through a proxy, or 2. Use something other than Skype Skype is a pain - it is impossible to safely firewall without opening your network for egress traffic. On the Windows version i believe you can proxy it, but in some cases that seems to produce poor audio results. Paul ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
