What happens when Jetico rejects?

Discussion in 'other firewalls' started by terryterry, Dec 10, 2006.

Thread Status:
Not open for further replies.
  1. terryterry

    terryterry Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    3
    Hi all,

    I have spent quite some time playing with Jetico and still not very clear about its underlying mechanisms. Well it is working now and the rule table stucture is simple and tidy, but I have got something interesting here:

    (I am using Jetico 1.0161 with windows xp sp2, and skype 2.5. My connection is through a squid web proxy, only port 3128 and 443 open)

    rules for skype:

    an application table for skype.exe is set up and inserted just before table 'Ask User':

    accept disabled any access to network
    accept disabled TCP/IP send datagrams any local address
    accept disabled TCP/IP receive datagrams any local address
    accept disabled TCP/IP outbound connection any (ip of proxy) any 80
    accept disabled TCP/IP outbound connection any (ip of proxy) any 3128
    reject info any any
    continue Default action

    All the problems seem to come from the last 'reject all others' rule, but I really like it since it is the blocker against annoying popups.

    If the 'reject all others' rule is ticked, skype will quickly give me a login failure. In the Jetico log window I can see hundreds of connections to various ips and ports rejected.

    If the 'reject all others' rule is not ticked, here come the popups. What is interesting is, if I do not answer the popup ( if the first one is not answered then it is the only one I can see ), after a few seconds the login is successful. Now tick the 'reject all others' rule, then say block to the popup. Skype works well.

    I guess there must be some differences between immediate rejection and later rejection, although in the above two cases the rule sets are just the same
    . Looks like when the popup is waiting, skype takes it as a time out and turns to other ips (finally to my porxy ip). But I am not sure what happens if Jetico rejects. Anyway the results are different.

    Another mysterious thing is the rule about port 80. In a successful login to skype, nothing is received from this port. It should be nothing because the proxy does not allow connection through port 80. But if I delete this rule, login will always fail.

    Any insights? I would appreciate if anyone can give me a better solution for skype. ( not thinking allowing Skype to connect any ip is a better one)

    Cheers.
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi terryterry, Welcome to Wilders.

    I do not use "Skype" myself, but are there not settings so that "Skype" will use the proxy directly?

    I did find some info here regarding using "Skype" with a proxy server.
     
  3. terryterry

    terryterry Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    3
    Hi Stem,

    Thanks for reply. Yes in skype it is able to set proxy directly, but I did not find that make any difference. I am currently using automatic proxy setting in skype.
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    For some reason, at the link I posted, it says that you need to change the settings in IE. (the last Q/A) have you set IE as mentioned?
     
  5. terryterry

    terryterry Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    3
    En, that is where I tried all the options before I began to hack Jetico.

     
Loading...
Thread Status:
Not open for further replies.