Shorewall users - Mar 2012 - Block service Skype with Shorewall

I have a transparent squid proxy, together with shorewall firewall
version 4.4.25.3, my question is ..
How I can block the Skype service to my local network, but without
having to block port 80 and 443 are used for other sites and services.
I had this rule:

REJECT loc     net     udp     1024:65535
REJECT loc     net     tcp     1024:65535

but it works already.

There will be some way?

-- 
I.S.C. William López Jiménez
--
User Linux # 379636
MSN         wljkoala23@hotmail.com
Jabber       koalasoft@jabber.org
Web:         www.koalasoftmx.tk
Twitter:      @koalasoft
Facebook:  william.koalasoft

------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here 
http://p.sf.net/sfu/sfd2d-msazure

On 29/03/12 07:58, I.S.C. William wrote:
> I have a transparent squid proxy, together with shorewall firewall
> version 4.4.25.3, my question is ..
> How I can block the Skype service to my local network, but without
> having to block port 80 and 443 are used for other sites and services.
> I had this rule:
> 
> REJECT loc     net     udp     1024:65535
> REJECT loc     net     tcp     1024:65535
> 
> but it works already.
> 
> There will be some way?
1. Make sure your loc2net policy is REJECT or DROP, block outbound 80 &
443 and require them to go through a proxy, or

2. Use something other than Skype

Skype is a pain - it is impossible to safely firewall without opening
your network for egress traffic.  On the Windows version i believe you
can proxy it, but in some cases that seems to produce poor audio results.

Paul


------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2