Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NBAR config

Hi,

i have a 2821 router with 12.4 IOS and i donwloaded the bittorent PDLM to block the P2P application like bitcomet,limewire,kasaa2.....etc.

i have Fa0/0 is the inside interface nad

Fa0/1 is the outside one:

i've done the following:

class-map match-all drop-bittorent

class-map match-any bittorent

match protocol bittorrent

match protocol gnutella

policy-map drop-bittorent

class bittorent

drop

interface FastEthernet0/0

ip address 192.168.254.1 255.255.255.0

ip nat outside

duplex auto

speed auto

service-policy input drop-bittorent

service-policy output drop-bittorent

!

interface FastEthernet0/1

ip address 192.168.23.81 255.255.255.0

ip nbar protocol-discovery

ip nat inside

duplex auto

speed auto

service-policy input drop-bittorent

service-policy output drop-bittorent

when i'm doing the test on the Bitcomet application, i still have a slight upload and slight download. Limewire application is blocked.

Do i have to do anything else??? kindly advice.

Do u have a way to block MSN and yahoo messenger?

regards

Fady

  • Other Security Subjects
1 REPLY
Silver

Re: NBAR config

You should be able to create an Access-list and define all the traffic you are concerned about onto the access-list (permitting them all). Then apply the access-list to the class-map (match access-group ###). From your policy map you would then drop all packets caught from the class-map (access-list)....

116
Views
0
Helpful
1
Replies