Skynet Blocking based on Application Mark

NGI

Regular Contributor
I'd like to be able to block my kids from using Hotspot Shield VPN (or other VPNs) to bypass the Parental Control restrictions. I can see in FlexQoS that the Trend Micro engine recognizes the traffic to Hotspot Shield and marks it with Mark 0B0041. Based on that I can easily assign it to the desired Class from a QoS point of view (in FlexQoS), but I was wondering if I can block the outbound traffic based on the Application Mark, e.g. 0B0041?
 
Well if it uses a common exit port, you could easily just try blocking that port.
 

Unfortunately it uses port 443, which is used by other apps, so I can't block that. I thought if the Trend Micro engine can recognise these apps by assigning a specific Mark to them, it will be easy to block them in the firewall.
 
You could try blocking any destination IP addresses or hostnames that may be being used by the VPN; this may provide limited blocking.
 
Have you tried forcing the kids' device in dns-filter to cleanbrowsing-family? It can block some VPNs.
 
Thanks for the suggestions. I have tried using the cleanbrowsing-family DNS Filter in the past but I don't think it worked.

I have tried to block in Skynet the ASNs associated with the IP addresses I observed in the FlexQoS Tracked connections, and I will monitor to see if this will fix it.
 
Maybe these lists can help (8 months since they were updated)
IPs:
Before implementing, consider that this list probably includes your own server's IP range, that of your DNS server, the server you get your software updates from, and the servers common search engines live on. Take a moment to make sure you don't accidentally use it to block network traffic you need. In a web application, you might want these IPs to GET, but not POST. In a firewall, you might want to block access to a specific port, but allow these IPs otherwise.
and
Domains: Can maybe be added to/in Skynet & Diversion
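
The check that warning asks for, sketched as an added example that is not part of the original post or of Skynet: before importing a downloaded IP list, compare it against the addresses your network depends on. The one-entry-per-line format, the function names and all sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress

# Constructed sample blocklist (documentation ranges), not the lists from the post.
SAMPLE_BLOCKLIST = """# comment line
192.0.2.0/24
198.51.100.17
2001:db8:40::/48
not-an-ip
203.0.113.128/25 ; trailing note
"""
# Hypothetical addresses this network depends on.
SAMPLE_REQUIRED = {
    "dns-resolver": "192.0.2.53",
    "update-server": "203.0.113.10",
    "search-engine": "2001:db8:40:1::5",
    "own-server": "198.51.100.16/28",
}

def parse_blocklist(text):
    """Return (networks, rejected_lines) from one-entry-per-line text."""
    networks, rejected = [], []
    for raw in text.splitlines():
        entry = raw.split("#")[0].split(";")[0].strip()
        if not entry:
            continue
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            rejected.append(raw)
    return networks, rejected

def _overlaps(a, b):
    # overlaps() raises TypeError across IPv4/IPv6, so compare versions first.
    return a.version == b.version and a.overlaps(b)

def find_conflicts(networks, required):
    """Map each required name to the blocklist entries that would block it."""
    conflicts = {}
    for name, value in required.items():
        need = ipaddress.ip_network(value, strict=False)
        hits = [str(n) for n in networks if _overlaps(n, need)]
        if hits:
            conflicts[name] = hits
    return conflicts

if __name__ == "__main__":
    nets, bad = parse_blocklist(SAMPLE_BLOCKLIST)
    print("unparseable lines:", bad)
    print("would block:", find_conflicts(nets, SAMPLE_REQUIRED))
```

Any entry reported under "would block" should be dropped or whitelisted before the list goes into the firewall.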
 