Re: Limiting Kazaa & Morheus Traffic

fredd · ‎04-03-2002

Is there a way to limit Kazaa & Morpheus traffic on my Cisco 1005 router to, say, 16k of bandwidth?

Thanks, Fred

ciscomoderator · ‎04-09-2002

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

e.schliesing · ‎05-14-2002

VERY tricky one, and I'm looking forward to an answer as well. the GnuTella engine is a slippery bugger. It's DEFAULT port to LISTEN to is 6346 TCP. I have IDSM blades, server, and appliances running, and still cant find em. you could PERHAPS crerate an access-list blocking all traffic outbound on 6346 destination port, but if you have an intellegent user, they'll change that. Im looking for BLOCKING the buggers, and prolly will end up doing an NMAP scan on port 6346, but am open to ANY suggestions short of taking away their keyboards.

skeetin44 · ‎05-15-2002

Hi,

To limit traffic, you would want to configure some custom queues for that interface.

This website has some good resources on stopping file sharing. I understand that this site does not focus on Cisco equipment, but you can reference the port and protocols to assist in stopping most file sharing applications.

I hope this helps.

http://www.oofle.com/filesharing/index.htm

hcasas · ‎05-26-2002

you will need a QoS IOS ie 12.05T

unfortunately I don't have 12.05 on 1005 but it works on router 2500.

This will limit all request to 32K

Interface Eth0

ip access-group 116 in (this will block on 116)

rate-limit input access-group 102 32000 8000 8000 conform-action set-prec-trans

mit 5 exceed-action drop

no cdp enable

!

Limit some tcp/udp services , just look fo the one for kazaa and Morpheus

access-list 102 permit udp any any eq 8311

access-list 102 permit udp any any eq 8875

access-list 102 permit tcp any any eq 8875

access-list 102 permit tcp any any eq 8888

access-list 102 permit udp any any eq 8888

access-list 102 permit udp any any eq 6257

access-list 102 permit tcp any any eq 6257

access-list 102 permit tcp any any eq 6699

access-list 102 permit udp any any eq 6699

access-list 102 permit udp any any eq 9001

access-list 102 permit tcp any any eq 9001

access-list 102 permit tcp any any eq 9002

access-list 102 permit udp any any eq 9002

access-list 116 deny icmp any any echo

access-list 116 deny icmp any any echo-reply

access-list 116 deny tcp any any eq 16660

access-list 116 deny tcp any any eq 65000

access-list 116 deny tcp any any eq 135

access-list 116 deny udp any any eq 1214

access-list 116 deny tcp any any eq 1214

access-list 116 deny tcp any any eq 1080

access-list 116 deny udp any any eq 1080

access-list 116 deny udp any any eq 6346

access-list 116 deny tcp any any eq 6346

also could use

ip route Kazaa_IP-Host-number 255.255.255.255 null (will hide kazaa host server)

good look

sconnolly · ‎05-31-2002

Unfortunately, I don't think the 1005 supports QOS with NBAR. That would be the easiest Cisco solution. I will probably get kicked off the site for my next recommendation:

Packeteer makes a great bandwidth management product call Packetshaper. We installed one at a univeristy and within 5 minutes found out the Kazaa was using 6MB of their 10MB Internet pipe. Less than 5 minutes later we were able to limit that to 1K.