On Jan 23, Marcus Kool wrote:
> ufdbGuard can also block HTTPS sites which have no valid certificate
> and sites which have no FQDN in the URL.
Is this the only option? Does it require an account on urlfilterdb.com?
Here's what I've tried but it doesn't appear to work perhaps due to
misconfiguration?
http_access allow localhost
acl lan src 10.10.0.0/8
# block skype supernode test
acl numeric urlpath_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
acl connect method CONNECT
http_access deny connect numeric all
http_access allow lan
http_access deny all
The docs on http://www.skype.com/security/universities suggest that
HTTP and SOCKS5 proxied clients do not gain supernode status but
tcpdump can't confirm or deny that's true. I've seen prior posts
regarding Skype but I may have missed something re this particular
issue. Does anyone have experience with this? I'd prefer not to
block Skype traffic altogether but v2 Mac and Linux Skype clients
do not have the option to turn off the supernode feature as the v3
Win32 clients.
-Gary
Received on Wed Feb 06 2008 - 19:59:51 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:04 MST