Blocking streaming media with deep packet inspection

Unanswered Question

I have a problem with blocking streaming audio from web radio stations. We use a pair of ASA 5510's on our perimeter. Has anyone been successful at blocking this traffic with an ASA? If so could you provide a snippet of your configuration.

I assume it would be using Modular Policy Framework, but I have no clue how to write these from scratch, which is why im asking for help :)

Thanks in advance!!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
didyap Fri, 09/28/2007 - 14:26

You can create a policy for blocking streaming traffic. Here is a sample

policy-map type inspect http Shareware

parameters

protocol-violation action drop-connection log

class asdm_high_security_methods

drop-connection

match request header non-ascii

drop-connection

match request uri regex _default_gnu-http-tunnel_arg

drop-connection log

match request uri regex _default_gnu-http-tunnel_uri

drop-connection log

match request uri regex _default_windows-media-player-tunnel

drop-connection log

acomiskey Fri, 10/19/2007 - 11:18

didyap,

I tried out your config example and cannot get it entered. Could you help me out?

ASA5510(config-pmap-p)# class asdm_high_security_methods

ERROR: % class-map asdm_high_security_methods not configured

If I go back and do...

ASA5510(config)# class asdm_high_security_methods

then go back and try...

ASA5510(config-pmap-p)# class asdm_high_security_methods

ERROR: Specified class type is different from the policy-map type.

Actions

This Discussion