<DIV>that policy will not drop it, it will only reduce it's flow to a 1% during conjestion. When bandwidth is available your users will still be able to use it for P2P. you can change that and do the following:</DIV> <DIV> </DIV> <DIV>class-map match-any Junk</DIV> <DIV> match protocol edonkey<BR> match protocol kazaa2</DIV> <DIV> match protocol nabster</DIV> <DIV> match protocol fasttrack</DIV> <DIV>!<BR>policy-map drop Junk</DIV> <DIV> class Junk</DIV> <DIV> police 8000 conform-action drop exceed-action drop (use on older IOS')</DIV> <DIV> drop (can just drop on some IOS versions)</DIV> <DIV> </DIV> <DIV>The fast track NBAR definition matches most p2p apps. Make sure you specify match-any because match-all int the default. Apply service-policy junk on inbound traffic from your LAN gateway interfaces.</DIV> <DIV> </DIV>
<DIV>Peter<BR><BR><B><I>Ted Nugent <tednugent69@yahoo.com></I></B> wrote:</DIV> <BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid"><BR>You can try using NBAR, just throttle it back to<BR>almost nothing, you'll need to apply it to both<BR>inbound and outbound interfaces for it to be<BR>affective. You can download the updated PDLMs that<BR>contain the recent signature files from CCO. This<BR>example just shows throttling it back to 1% but if you<BR>mess with it enough you might be able to block it all<BR>together.<BR><BR>class-map match-any crap<BR>match protocol edonkey<BR>match protocol kazaa2<BR>!<BR>policy-map squash-it<BR>class crap<BR>bandwidth percent 1<BR>!<BR>interface FastEthernet0/0<BR>service-policy output squash-it<BR>!<BR>interface FastEthernet0/1<BR>service-policy output squash-it<BR><BR><BR><BR><BR>--- James Grace <JGRACE@DIGITELUSA.NET>wrote:<BR><BR>> Can someone send me some examples on how to
block<BR>> peer to peer and chat on<BR>> my GW. My gw is going to be used for voice and data<BR>> and just want to keep<BR>> unwanted traffic off <BR>> <BR>> <BR>> <BR>> James D. Grace <BR>> <BR>> CCNP CCNA MCSE MCDBA<BR>> <BR>> Sr. System Engineer / Professional Svc.<BR>> <BR>> Digitel Corporation<BR>> <BR>> <BR>> <BR>> > _______________________________________________<BR>> cisco-voip mailing list<BR>> cisco-voip@puck.nether.net<BR>> https://puck.nether.net/mailman/listinfo/cisco-voip<BR>> <BR><BR><BR>__________________________________________________<BR>Do You Yahoo!?<BR>Tired of spam? Yahoo! Mail has the best spam protection around <BR>http://mail.yahoo.com <BR>_______________________________________________<BR>cisco-voip mailing list<BR>cisco-voip@puck.nether.net<BR>https://puck.nether.net/mailman/listinfo/cisco-voip<BR></BLOCKQUOTE><BR><p> 
<hr size=1>Want to be your own boss? Learn how on <a href="http://us.rd.yahoo.com/evt=41244/*http://smallbusiness.yahoo.com/r-index"> Yahoo! Small Business.</a>