06-13-2009 03:08 PM
Hi all,
How do I deny users having their gateway as the WSA to block skype. Currently I am using the regular expression:
[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:443
I also read a outdated reply to also use [^(\n|\r)]+Skype/i
Also, any deny rule on the firewall should be added?
Thanks
06-15-2009 05:16 PM
mbaki,
Setting your client's default gateway to use the WSA is not recommended or supported.
Since the WSA is not a router, there is a high likely hood that alot of your traffic is going to break. It is also likely that the WSA is going to be receiving alot of traffic that it was never designed to receive, which could have negative impacts.
The regex you have supplied "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:443" will have no effect on transparent traffic. This regex is meant to match an explicit CONNECT request that is sent to an IP instead of hostname.
I'm not sure what the other regex is for. It seems a little off. One or more beginning of line or \n or \n followed by Skype/i.
Seems non-sensical to me. Or at least could be re-written. I can assist if you explain its purpose.
06-29-2009 03:11 PM
hi josh,
probably mbaki(like me) is trying to look for a way to block skype.
I am using a 6.0 WSA in forward proxy mode.
I tried several ways to block skype, like regular expression ([0-9].[0-9].[0-9].[0-9] and [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:443) but no way... skype keeping on passing throught my appliance....
So if you know some other way to block it , you are welcome!
Thank you very much.
Walter Doria
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: