Helmut,
It is not easy detecting Skype.
When PCs of end users are blocked by the firewall,
Skype will use the Squid proxy to go the internet.
Squid only sees a CONNECT on the HTTPS port 443 and does
not know what goes through.
You will see a <IP>:443 in the access.log file.
ufdbGuard is a URL filter which can be configured to allow/block Skype.
If you configure it to allow Skype and to log all URL requests,
you will have a log file (ufdbguardd.log) showing which IP addresses
and which URLs are used for Skype.
You can contact me off list in case you have questions about ufdbGuard.
Marcus
Helmut Hullen wrote:
> Hallo, squid-users,
>
> can I log skype transfer from clients in a LAN to the wide world?
>
> My server installation:
>
> iptables:
>
> $IPTABLES_BIN -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
> $IPTABLES_BIN -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
>
> $IPTABLES_BIN -t filter -A FORWARD -p tcp --dport 80 -j reject_fkt
> $IPTABLES_BIN -t filter -A FORWARD -p tcp --dport 3128 -j reject_fkt
> $IPTABLES_BIN -t filter -A FORWARD -p tcp --dport 8080 -j reject_fkt
>
> squid.conf (no transparant squid):
>
> http_port 8080
> icp_port 3130
>
> For a kind of traffic shaping with "squish" I'd need skype entries in
> squid's "access.log"
>
> Viele Gruesse!
> Helmut
>
>
Received on Thu Apr 14 2011 - 23:35:42 MDT
This archive was generated by hypermail 2.2.0 : Fri Apr 15 2011 - 12:00:03 MDT