04-03-2002 11:26 AM - edited 03-08-2019 10:13 PM
Is there a way to limit Kazaa & Morpheus traffic on my Cisco 1005 router to, say, 16k of bandwidth?
Thanks, Fred
04-09-2002 10:54 AM
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
Thank you for posting.
05-14-2002 11:43 AM
VERY tricky one, and I'm looking forward to an answer as well. the GnuTella engine is a slippery bugger. It's DEFAULT port to LISTEN to is 6346 TCP. I have IDSM blades, server, and appliances running, and still cant find em. you could PERHAPS crerate an access-list blocking all traffic outbound on 6346 destination port, but if you have an intellegent user, they'll change that. Im looking for BLOCKING the buggers, and prolly will end up doing an NMAP scan on port 6346, but am open to ANY suggestions short of taking away their keyboards.
05-15-2002 10:37 AM
Hi,
To limit traffic, you would want to configure some custom queues for that interface.
This website has some good resources on stopping file sharing. I understand that this site does not focus on Cisco equipment, but you can reference the port and protocols to assist in stopping most file sharing applications.
I hope this helps.
05-26-2002 07:35 AM
you will need a QoS IOS ie 12.05T
unfortunately I don't have 12.05 on 1005 but it works on router 2500.
This will limit all request to 32K
Interface Eth0
ip access-group 116 in (this will block on 116)
rate-limit input access-group 102 32000 8000 8000 conform-action set-prec-trans
mit 5 exceed-action drop
no cdp enable
!
Limit some tcp/udp services , just look fo the one for kazaa and Morpheus
access-list 102 permit udp any any eq 8311
access-list 102 permit udp any any eq 8875
access-list 102 permit tcp any any eq 8875
access-list 102 permit tcp any any eq 8888
access-list 102 permit udp any any eq 8888
access-list 102 permit udp any any eq 6257
access-list 102 permit tcp any any eq 6257
access-list 102 permit tcp any any eq 6699
access-list 102 permit udp any any eq 6699
access-list 102 permit udp any any eq 9001
access-list 102 permit tcp any any eq 9001
access-list 102 permit tcp any any eq 9002
access-list 102 permit udp any any eq 9002
access-list 116 deny icmp any any echo
access-list 116 deny icmp any any echo-reply
access-list 116 deny tcp any any eq 16660
access-list 116 deny tcp any any eq 65000
access-list 116 deny tcp any any eq 135
access-list 116 deny udp any any eq 1214
access-list 116 deny tcp any any eq 1214
access-list 116 deny tcp any any eq 1080
access-list 116 deny udp any any eq 1080
access-list 116 deny udp any any eq 6346
access-list 116 deny tcp any any eq 6346
also could use
ip route Kazaa_IP-Host-number 255.255.255.255 null (will hide kazaa host server)
good look
05-31-2002 12:20 PM
Unfortunately, I don't think the 1005 supports QOS with NBAR. That would be the easiest Cisco solution. I will probably get kicked off the site for my next recommendation:
Packeteer makes a great bandwidth management product call Packetshaper. We installed one at a univeristy and within 5 minutes found out the Kazaa was using 6MB of their 10MB Internet pipe. Less than 5 minutes later we were able to limit that to 1K.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide