> Blocking Skype Using Squid and OpenBSD
Hey I cant wait to try out this one - this is really intresting one.
Very informative writeup. Thanks rootn0de
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.c
On 11/13/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I have had no problems at all with the above setup, and as a result,
> only Skype is blocked, as most(if not all) companies serious about
> having a web presence
> have registered domains and hence are referenced by their FQDN URLs.
This
> acl connect method CONNECT
This line is not necessary since standard squid.conf contains this line:
acl CONNECT method CONNECT
so simply use the uppercase version (squid does not check upper and
lower case in acl names)
> # Apply your acls
> http access deny connect numerics_IPs all
Respe
No, the "connect" was certainly not a typo. But indeed the "http access"
was.
The 2nd typo was "numerics_IPs" instead of "numeric_IPs". I think, it is
o.k. to show up such pitfalls.
> BTW: I'm sure, it will break a lot of other things but skype, too.
Do you mean "I'm sure it will break a lot
Polarizer wrote,
> > acl connect method CONNECT
>
> This line is not necessary since standard squid.conf contains this line:
>
> acl CONNECT method CONNECT
>
> so simply use the uppercase version (squid does not check upper and lower case
> in acl names)
>
> > # Apply your acls
> > http access
This line is not necessary since standard squid.conf contains this line:
That has nothing to do with the proposed configuration. No serious squid
implementation would have a standard ACL list, so every serious admin
would rewrite them. And if you are serious you have some sort of
convention for
This can be achieved by using an IDP system and blocking the
appropriate p2p protocol (I forgot which one. overnet?).
An IDP is a device which works with signatures as known from
IDS-Systems and instead of reporting malicious activity
it blocks packets or connections. Therefore it must be placed
i
* Jochen Kaiser:
> This can be achieved by using an IDP system and blocking the
> appropriate p2p protocol (I forgot which one. overnet?).
> An IDP is a device which works with signatures as known from
> IDS-Systems and instead of reporting malicious activity
> it blocks packets or connections. T
At 13:00 2005-04-04, Jochen Kaiser scribed thusly:
>This can be achieved by using an IDP system and blocking the
>appropriate p2p protocol (I forgot which one. overnet?).
>So as an ISP who shall grant best quality for all customers the
>usage of a software based IDP may not be the appropriate w
