NBAR for limewire

Unanswered Question
Apr 20th, 2008

hi all,

I configured NBAR to block all peer-peer softwares which comes under fasttrack and Gnutella. It is blocking some of the peer-peer softwares. But its not blocking Limewire which falls under Gnutella. Is there any way to block this?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
owillins Fri, 04/25/2008 - 05:35

Yes, I think NBAR currently does not support Limewire classification. Another way you can block TCP/UDP ports 6346, 6347 to drop significant Limewire packets.

guruprasadr Sun, 04/27/2008 - 12:25

HI Muhammed, [Pls Rate if HELPS]

Cisco IOS version 12.4(4)T introduced the much awaited Skype classification in NBAR. Now, with simple policy you can block Skype in much the same way as you used to block kazza, limewire, and other p2p applications.



NBAR configuration to drop Skype packets

class "map match" any p2p

match protocol skype

policy "map block" p2p

class p2p


int FastEthernet0

description PIX "facing interface service"

policy "input block" p2p

If you are unsure about the bandwidth-eating applications being used in your organization, you can access the interface connected to the Internet and configure using the following command:

"ip nbar protocol-discovery"

This will enable nbar discovery on your router.

If you use the following command:

"show ip nbar protocol-discovery stats bit-rate top-n 10"

It will show you the top 10 bandwidth-eating applications being used by the users. Now, you will be able to block/restrict traffic with appropriate QoS policy.

You can also use "ip nbar port-map" command to look for the protocol or protocol name using a port number or numbers other than the well-known Internet Assigned Numbers Authority (IANA)-assigned port numbers.

Usage as per Cisco:


"ip nbar port-map protocol-name [tcp | udp] port-number"

Up to 16 ports can be specified with the above command. Port number values can range from 0 to 65535.

Note: New PDLMs may have to be loaded to match more recent versions of some protocols.

Hope I am Informative.


Best Regards,

Guru Prasad R


This Discussion