ckuriyar74 Sun, 04/08/2007 - 22:49
User Badges:

Hi Paul,


Create an access-list and apply the access-group on outside interface.


I have configured the same and the internet utilization is drastically come down & worked fine for me.


Below is the list.


deny tcp any any eq 1214

deny udp any any eq 1214

deny tcp any any range 4661 4672

deny udp any any range 4661 4672

deny tcp any any eq 6257

deny udp any any eq 6257

deny tcp any any eq 6699

deny udp any any eq 6699

deny tcp any any eq 6969

deny udp any any eq 6969

deny tcp any any eq 6346

deny udp any any eq 6346

deny tcp any any eq 6347

deny udp any any eq 6347

deny tcp any any eq 554

deny udp any any eq 554

deny tcp any any range 6881 6999

deny udp any any range 6881 6999

deny tcp any any eq 411

deny udp any any eq 411

deny tcp any any eq 2710

deny udp any any eq 2710

deny tcp any any eq 7000

deny udp any any eq 7000

deny tcp any any eq 6700

deny udp any any eq 6700

deny tcp any any eq 6701

deny udp any any eq 6701

deny tcp any any eq 4329

deny udp any any eq 4329

deny tcp any any eq 1755

deny udp any any eq 1755


Please rate if it does!


Chandru


paulnigel Sun, 04/08/2007 - 23:00
User Badges:

Hi Chandru,


You are really helpful, thank you so much for that.


I learned that when this P2P software learns that its port is blocked, it will shift to dynamic ports, are they within the list of ports define by your access-list?


Thank you,

py

ckuriyar74 Sun, 04/08/2007 - 23:27
User Badges:

Hi Paul,


Most of the P2P ports are well within the range defined above. But some of the ports are dynamic and will not be able to 100% block it as per my experience.

paulnigel Tue, 04/10/2007 - 00:06
User Badges:

Hi Madru,


Thanks for that, I guess so, the bittorrent seems to be able to get through.


Thanks again,

py

Actions

This Discussion