how to disable napster on 1841

visteknetworking · ‎06-25-2007

Hi,

When i run the following command ion the 1841 router

sh ip nbar protocol-discovery top-n 20

I see napster along with unknown traffic.

The question is how can I disable outgoing napster traffic and how to determent unknown protocols being used from inside out.

Thank you for any help

mohammedmahmoud · ‎06-25-2007

Hi,

Here you are a method to block napster:

class-map match-any napster

match protocol napster

policy-map mark-napster

class napster

set dscp 1

interface FastEthernet0/0

service-policy input mark-napster

interface Serial1/0.1 point-to-point

ip access-group 103 out

access-list 103 deny ip any any dscp 1

access-list 103 permit ip any any

HTH,

Mohammed Mahmoud.

visteknetworking · ‎06-25-2007

Hi ,

assuming that my LAN interface is fastethernet 0/0 and the 0/1 goes to the WAN.

I guess that in your case serial is the WAN.

all the rest should be as you have typed, correct?

Thanks

royalblues · ‎06-25-2007

Yes, in your case the WAN link would be fa 0/1 where you will apply your policy-map.

The configuration suggested by mohammed does does marking at the input and uses an access-list at the output

If you want to drop the traffic, you can also police the napster traffic to the minimum value and drop it when this exceeds

policy-map mapster

class napster

police 8000 exceed-action-drop

HTH, rate if it does

Narayan

mohammedmahmoud · ‎06-25-2007

Hi,

Yes as Narayan has told you, your f0/1 would be the WAN link (instead of the serial in my case), and there are multiple ways to do it, and Narayan's example is another valid example.

HTH,

Mohammed Mahmoud.