Block Skype connections

There is a popular belief that Skype client is very hard to block on the network layer, due to it’s Peer-To-Peer behavior and usage of HTTP/S ports.

Block Skype client

However at present time (December, 2012) Skype client connections can be blocked pretty simply by a few firewall rules.
After startup, Skype client receives a number of it’s master (login?) servers – Currently there are 16 DNS entries from to

Using simple bash script (uses Linux DNS utility – dig) we can get most of these server’s IP addresses:

for i in {0..20} ; do dig +short dsn$; done | sort | uniq

Just block all access to following networks and Skype client won’t be able to authenticate and connect.

For Linux router, with IPtables firewall, you may use following command:

for ip in; do iptables -A OUTPUT -d $ip -j DROP; done

20 thoughts on “Block Skype connections

  1. i am using nokia 6680.i can’t access skype it always tell me skype coundn’t connect to skype server.please help.

  2. I just used ping to get the current list on a windows machine and put the values into a spreadsheet for my own reference. I could list all of the addresses but what is important is the networks so here they are.

    If you want a comma delimited list of the actual IP addresses, email me and I will send you a list. Or you could just ping each one like I did.


  3. Pingback: WiFi bei AB kommt - Seite 2

  4. Still able to connect with skype after entering these in filter. any other ideas? This didnt seem to work. Blocks web site but not the program.

  5. #With these iptables rules skype will not be able to connect to it’s host servers, preventing the annoying neighbor from making skype calls at 3 A.M.

    #Output chain does not affect skype.
    for ip in; do iptables -A OUTPUT -d $ip -j DROP; done

    #Input chain must be the reason it does not connect.
    for ip in; do iptables -A INPUT -d $ip -j DROP; done

    #Not tested.
    for ip in; do iptables -A FORWARD -d $ip -j DROP; done

    #Not tested.
    for ip in; do iptables -A FIREWALL -d $ip -j DROP; done

    #To delete these rules just use ‘-D’ (delete) instead of -‘A’ (append) in all the chains
    I use an *.sh script that applies the rules after midnight and deletes them at 9:00 in the morning.

  6. I want to ensure Skype connection is stable, as I am getting a lot of complaints about Skype connectivity. it is getting disconnected frequently.

Leave a Reply

Your email address will not be published. Required fields are marked *