[c-nsp] QOS policy-map on 6509 doesn't have drop option
Sam Munzani
smunzani at comcast.net
Tue Oct 19 14:18:23 EDT 2004
Ian Cox wrote:
>
> Try
>
> ringebu#sh policy-map junk
> Policy Map junk
> Class spoke9
> police cir 8000 bc 1500 be 1500 conform-action drop exceed-action
> drop
Thanks Ian,
I didn't have exact command options but have punched in as below. I will
see how this works now.
class-map match-any p2p
match protocol fasttrack
match protocol gnutella
match protocol napster
match protocol novadigm
class-map match-any control-icmp
match protocol icmp
class-map match-any nimda
match protocol http url "*readme.eml*"
match protocol http url "*readme.exe*"
match protocol http url "*.ida*"
match protocol http url "*cmd.exe*"
match protocol http url "*root.exe*"
match protocol http url "*csrss.exe*"
match protocol http url "*httpodbc.dll*"
match protocol http url "*cool.dll*"
match protocol http url "*sample.exe*"
!
!
policy-map lan-policy
class control-icmp
police 32000 1500 1500 conform-action transmit exceed-action drop
class nimda
police 8000 1500 1500 conform-action drop exceed-action drop
class p2p
police 8000 1500 1500 conform-action drop exceed-action drop
violate-action drop
Thanks,
Sam
More information about the cisco-nsp
mailing list