blocking skype and google talk

[OutHouse]

umm wow. thought it would be easy to block skype and google talk on my home router but it looks like its a royal pain in the ass. i guess the only way to really block it is to fire up a squid and use openbsd....

anybody have any success at blocking these two apps with home linksys router???

 

[theevilsharpie]

Linksys home routers are simple packet filters. If you want to identify and block network applications, you'll need to use an application layer firewall.

 

[notposting]

Beat anyone at home trying to use them?

 

[imagoon]

Yeah for home the "Clue Bat" is more effective unless you want to drop a few grand on a Application layer firewall.

 

[JackMDS]

The solution (if feasible) is to use this software on the culprits computers.

http://www.netlimiter.com/scrshots.php

 

[RadiclDreamer]

Depending on how tech savvy the person is you could just point the dns entry for these services to a non existent address

 

[kornphlake]

OpenDNS will filter chat sites, I found out by mistake that checking the filter category for chat will block google chat in gmail, I don't know if it will block skype. Unfortunately it's pretty easy for a tech savvy user to defeat OpenDNS by specifying a DNS server other than the server suggested by DHCP. I force all connections on my home network to use OpenDNS servers regardless of the client settings (don't remember exactly how at this point,) but I use a squid proxy server not a simple broadband router.

 

[OutHouse]

OpenDNS will filter chat sites, I found out by mistake that checking the filter category for chat will block google chat in gmail, I don't know if it will block skype. Unfortunately it's pretty easy for a tech savvy user to defeat OpenDNS by specifying a DNS server other than the server suggested by DHCP. I force all connections on my home network to use OpenDNS servers regardless of the client settings (don't remember exactly how at this point,) but I use a squid proxy server not a simple broadband router.

yes i have OpenDNS IP's on my router DNS settings.

no it will not block skype.

 

[momeNt]

Beat anyone at home trying to use them?

This.

Unless you are talking about a business and not a son or daughter chatting with their bf/gf.

 

[AnonymouseUser]

This article seems to have a solution for Skype: How to drop or block Skype connections with your gateway firewall. This works by blocking the initial authentication.

Just tested it on my DD-WRT enabled router, and it works. Under Administration > Commands, edit Firewall, add the following, and reboot:

iptables -I FORWARD -s 111.221.74.0/24 -j DROP
iptables -I FORWARD -s 111.221.77.0/24 -j DROP
iptables -I FORWARD -s 157.55.130.0/24 -j DROP
iptables -I FORWARD -s 157.55.235.0/24 -j DROP
iptables -I FORWARD -s 157.55.56.0/24 -j DROP
iptables -I FORWARD -s 157.56.52.0/24 -j DROP
iptables -I FORWARD -s 194.165.188.0/24 -j DROP
iptables -I FORWARD -s 195.46.253.0/24 -j DROP
iptables -I FORWARD -s 213.199.179.0/24 -j DROP
iptables -I FORWARD -s 63.245.217.0/24 -j DROP
iptables -I FORWARD -s 64.4.23.0/24 -j DROP
iptables -I FORWARD -s 65.55.223.0/24 -j DROP

That gives me the following:

Be sure to read the entire article, you may inadvertently block other sites, and the IP addresses could always change!

 

[Perfectomundo]

I registered just to say thanks so much to the guy above me!
Adding those commands in my DD-WRT enabled Router (AirStation™ N300):

Under Administration > Commands > Command Shell | Commands, Paste > Save Firewall (Button)
has indeed blocked Skype on my network from ALL computers:

The service no longer connects and if it is already connected and running after the commands are put in and saved, the service dies and there is no response. After about 3 minutes the results are as follows:

Thank you so much, you have no idea how annoying it has been to have to listen to the last 6 weeks of my annoying German roommate arguing and yelling at her boyfriend for hours. Finally I can get some sleep, whilst still allowing her to use the internet to type to him or whatever.

The only thing I wish is that it still worked for myself but sadly this is the only way that I have found that works, and the application still works fine on my Galaxy S4 via the Skype app. It still signs in fine and I can make calls (I don't have a mic or webcam on my PC anyway)

So this is so close to perfect for me.
Thanks again!

 

[vshah]

^ you could set a static IP for her computer and then check the destination as well as the source in the iptables command, i think that would work.

 

[AnonymouseUser]

Glad that worked for you.

To enable yourself to use Skype, I don't know if this will work, but it's worth a shot: Use DMZ for your PC's local IP.

If that doesn't work, then I'm sure using an OpenVPN service (eg, privateinternetaccess) would work (don't tell your roommate! ).

 

[gsaldivar]

Yay! Open source to the rescue