cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
323
Views
0
Helpful
1
Replies

NBAR config

ciscothejam00
Level 1
Level 1

Hi,

i have a 2821 router with 12.4 IOS and i donwloaded the bittorent PDLM to block the P2P application like bitcomet,limewire,kasaa2.....etc.

i have Fa0/0 is the inside interface nad

Fa0/1 is the outside one:

i've done the following:

class-map match-all drop-bittorent

class-map match-any bittorent

match protocol bittorrent

match protocol gnutella

policy-map drop-bittorent

class bittorent

drop

interface FastEthernet0/0

ip address 192.168.254.1 255.255.255.0

ip nat outside

duplex auto

speed auto

service-policy input drop-bittorent

service-policy output drop-bittorent

!

interface FastEthernet0/1

ip address 192.168.23.81 255.255.255.0

ip nbar protocol-discovery

ip nat inside

duplex auto

speed auto

service-policy input drop-bittorent

service-policy output drop-bittorent

when i'm doing the test on the Bitcomet application, i still have a slight upload and slight download. Limewire application is blocked.

Do i have to do anything else??? kindly advice.

Do u have a way to block MSN and yahoo messenger?

regards

Fady

1 Reply 1

pciaccio
Level 4
Level 4

You should be able to create an Access-list and define all the traffic you are concerned about onto the access-list (permitting them all). Then apply the access-list to the class-map (match access-group ###). From your policy map you would then drop all packets caught from the class-map (access-list)....