You can do one thing. Install Morpheus and Napster on your system and run it. Then go to command prompt and type in netstat and you will get the tcp connections with the port number that is being used.Then you can do the blocking of those ports. You can try this. I hope this will work.

Hello,

If your aim is to restrict bandwidth to ceratin network of yours. you can do this.

1. Creater an extended access-list to permit this particular network.

2. now give this command in the interface of the router where this network is connected.

rate-limit output access-group 50000 10000 10000 conform-action transmit exceed-action drop

and this also

rate-limit input access-group 50000 10000 10000 conform-action transmit exceed-action drop

Thsi would limit the bandwidth of those ips to 50k upload and 50k download. try this out. This is what i have implemented and found working fine.

Regards,

Ramesh

Be careful with this.

Napster, eg., always uses different ports, when you block off one port, it simply goes to another one so that won't work.

Other problem is that you can't block the Napster URL, it just prevents downloading the Napster software but you can get the software from a lot of places around the world.

Q. So how can you stop this?

A. Only partially with NBAR or rate limiting

Napster uses TCP port 6699 as default. Putting a filter in that blocks this port brings Napster traffic to a screeching halt(for those using 6699). Blocking www.napster.com (url filter)adds an extra measure of security, as all clients must contact the site before they can begin exchanging music files.

But forbidding the use of Napster and blocking access to the site isn't the best approach. Crafty programmers have already come up with a way around the port blocking -- Napster already allows users to choose their own port -- and mirrored servers with new names would get around the site block.

If you sniff your link you can determine the addresses of the napster servers and rate limit accordingly (pain in the a!@).

Try NBAR. Use the "software search tool" on CCO and download the necessary .pdlm file as listed in the config below.

nsure that ip cef is enabled.

!

ip cef

ip nbar pdlm slot0:napster.pdlm

!

!

class-map match-all napster_nonstd

match protocol napster non-std

class-map match-all napster

match protocol napster

!

!

policy-map napout

class napster_nonstd

police 10000 2500 2500 conform-action drop exceed-action drop

class napster

police 1000000 250000 250000 conform-action transmit exceed-action drop

policy-map napin

class napster_nonstd

police 10000 2500 2500 conform-action drop exceed-action drop

class napster

police 3000000 250000 250000 conform-action transmit exceed-action drop

------

implementation eg.

!

interface FastEthernet0/0

description ***Residence Halls***

ip address xxx.xxx.xxx.xxx 255.255.xxx.xxx

no ip mroute-cache

duplex full

service-policy input napin

service-policy output napout

!

interface FastEthernet0/1

description ***Admin***

ip address xxx.xxx.xxx.xxx 255.255.xxx.xxx

ip nbar protocol-discovery

duplex full

no ip mroute-cache

!

interface ATM1/0

description *** PVC to Sunnyville CSU router

no ip address

no atm ilmi-keepalive

!

interface ATM1/0.1 point-to-point

bandwidth 30000

ip address xxx.xxx.xxx.xxx 255.255.xxx.xxx

ip nbar protocol-discovery

ip policy route-map papapix

atm pvc 5 0 385 aal5snap 30000 30000

Good Luck !!