Re: rules for skype - Victor Yeo

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: "Victor Yeo" <yeosv@ndc.com.tw>
To: Deepak Seshadri <d_s123@hotmail.com>, netfilter@lists.netfilter.org
Subject: Re: rules for skype
Date: Tue, 3 May 2005 15:17:41 +0800	[thread overview]
Message-ID: <002401c54fb0$33cdc950$2604a8c0@ndchunk> (raw)
In-Reply-To: BAY107-DAV7808D3CABD608123BCF2CB7270@phx.gbl

> - Use *tc* to choke the skype traffic. I have a list of apps to allow
> through the network. The rest go into a default pipe of 2 Kbps. This
> deteriorates the performance of the application. I think text chatting
will
> still go through but voice chatting, file sharing and all gets choked.
> NOTE: I have had better success not blocking its default ports. That way I
> can keep it away from the standard Internet ports and thus easily classify
> it into the default pipe.

Where can i find more information on *tc* ? thanks for any reply.

Rgds,
Victor

----- Original Message ----- 
From: "Deepak Seshadri" <d_s123@hotmail.com>
To: "Taylor, Grant" <gtaylor@riverviewtech.net>;
<netfilter@lists.netfilter.org>
Sent: Tuesday, May 03, 2005 1:01 AM
Subject: Re: rules for skype


> Hi Grant,
>
> My company requires me to block Skype too. There are 3 ways I have found
> after a lot of research:
>
> - Block the authentication servers' IPs. The last I knew there were only 2
> servers for authentication. Their IPs are given in that pdf document. I am
> not aware if they have added new servers now.
> - Use Layer-7 pattern. Again, the layer-7 pattern has worked for some and
> not worked for many. It has worked for me.
> My network scenario: The network I manage has private addresses
throughout.
> I think it has something to do with NAT and private addressing because in
my
> case when the client tries to authenticate with the server the hex-pattern
> of those UDP packets stays the same throughout every session. This has not
> been true in every case. You can give it a shot.
> - Use *tc* to choke the skype traffic. I have a list of apps to allow
> through the network. The rest go into a default pipe of 2 Kbps. This
> deteriorates the performance of the application. I think text chatting
will
> still go through but voice chatting, file sharing and all gets choked.
> NOTE: I have had better success not blocking its default ports. That way I
> can keep it away from the standard Internet ports and thus easily classify
> it into the default pipe.
>
> Now given the nature of this application, some things might work for you
and
> some might not. I thought I would share my knowledge on this ....
>
> Good luck,
> Deepak
>

next prev parent reply	other threads:[~2005-05-03  7:17 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20050502150901.DAEF39E9F4@dd6816.kasserver.com>
2005-05-02 15:36 ` rules for skype Daniel Lopes
2005-05-02 15:58   ` Taylor, Grant
2005-05-02 16:48     ` Taylor, Grant
2005-05-02 17:01     ` Deepak Seshadri
2005-05-02 17:09       ` [SPAM] " Taylor, Grant
2005-05-02 17:42         ` Deepak Seshadri
2005-05-02 19:33           ` [SPAM] " Taylor, Grant
2005-05-03  7:17       ` Victor Yeo [this message]
2005-05-03  7:50         ` John A. Sullivan III
2005-07-13  2:52           ` Fajar Priyanto
2005-07-13 10:53             ` Daniel Lopes
2005-09-26  7:06 Mofizul Hoq
     [not found] <200505021507.j42F7cIb004153@rti02.co-lo.riverviewtech.net>
2005-05-02 15:56 ` Taylor, Grant
     [not found] <20050501223241.CF7E4103130@correio.solutti.com.br>
2005-05-01 22:35 ` Leonardo Rodrigues Magalhães
2005-05-02 14:36   ` Daniel Lopes
2005-05-02 14:40     ` Taylor, Grant
2005-05-02 15:07       ` Seferovic Edvin
  -- strict thread matches above, loose matches on Subject: below --
2005-05-01  9:37 varun_saa
2005-05-01  9:46 ` Askar
2005-05-01 22:00   ` Taylor, Grant
2005-05-01 22:31     ` Seferovic Edvin
2005-05-01 23:43     ` Mogens Valentin
2005-05-02  1:32       ` Daniel Lopes
2005-05-02  6:14     ` Taylor, Grant

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='002401c54fb0$33cdc950$2604a8c0@ndchunk' \
    --to=yeosv@ndc.com.tw \
    --cc=d_s123@hotmail.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox