[cisco-voip] how to block peer to peer and chat

ash AD commo_ssg_31f at yahoo.com
Tue Jul 11 17:27:49 EDT 2006 

that policy will not drop it, it will only reduce it's flow to a 1% during conjestion. When bandwidth is available your users will still be able to use it for P2P. you can change that and do the following:
   
  class-map match-any Junk
   match protocol edonkey
 match protocol kazaa2
   match protocol nabster
   match protocol fasttrack
  !
policy-map drop Junk
    class Junk
     police 8000 conform-action drop exceed-action drop    (use on older IOS')
     drop  (can just drop on some IOS versions)
   
  The fast track NBAR definition matches most p2p apps. Make sure you specify match-any because match-all int the default. Apply service-policy junk on inbound traffic from your LAN gateway interfaces.
   
  Peter

Ted Nugent <tednugent69 at yahoo.com> wrote:
  
You can try using NBAR, just throttle it back to
almost nothing, you'll need to apply it to both
inbound and outbound interfaces for it to be
affective. You can download the updated PDLMs that
contain the recent signature files from CCO. This
example just shows throttling it back to 1% but if you
mess with it enough you might be able to block it all
together.

class-map match-any crap
match protocol edonkey
match protocol kazaa2
!
policy-map squash-it
class crap
bandwidth percent 1
!
interface FastEthernet0/0
service-policy output squash-it
!
interface FastEthernet0/1
service-policy output squash-it




--- James Grace wrote:

> Can someone send me some examples on how to block
> peer to peer and chat on
> my GW. My gw is going to be used for voice and data
> and just want to keep
> unwanted traffic off 
> 
> 
> 
> James D. Grace 
> 
> CCNP CCNA MCSE MCDBA
> 
> Sr. System Engineer / Professional Svc.
> 
> Digitel Corporation
> 
> 
> 
> > _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
> 


__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip


 				
---------------------------------
Want to be your own boss? Learn how on  Yahoo! Small Business. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20060711/33766158/attachment.html

More information about the cisco-voip mailing list