
blocking p2p software (LimeWire)

cisco
Level 1

I have successfully blocked all file-sharing software except LimeWire because there is no PDLM available on the Cisco site. Where can I fetch this PDLM from? Please help in this regard.

7 Replies

wiluszm
Level 1

You'll want to use the "ip nbar port-map" command. You discuss LimeWire which uses the Gnutella protocol. So to create your custom PDLM you'll do the following:

1) Create the custom port-map that matches Gnutella traffic:

ip nbar port-map custom-01 tcp 5634 6346 6347 6348 6349 6355

2) Add your custom protocol to the proper QoS class-map:

WAN_Router(config)# class-map BAD_P2P

WAN_Router(config-cmap)# match protocol custom-01

3) Edit your policing setting for the proper policy-map as necessary. Examples are available online or I can provide any if you need them.

Hi Wiluszm,

When I create my custom port-map for Gnutella traffic, an error shows that the respective ports are already mapped to Gnutella:

MyRouter(config)#ip nbar port-map custom-01 tcp 5634 6346 6347 6348 6349 6355
% NBAR Warning: gnutella is already mapped to - 5634
% NBAR Warning: gnutella is already mapped to - 6346
% NBAR Warning: gnutella is already mapped to - 6347
% NBAR Warning: gnutella is already mapped to - 6348
% NBAR Warning: gnutella is already mapped to - 6349
% NBAR Warning: gnutella is already mapped to - 6355

Because I have blocked the Gnutella P2P application through PDLM. As LimeWire is an application of Gnutella using the Gnutella resources, it is still not even blocked.

As these are the matching ports (5634 6346 6347 6348 6349 6355) used by Gnutella (LimeWire also), so we can block them through an access-list. Will it work?

Thanks,

Hi there,

I have a little config that I put into Student Halls from time to time.... And it works well....

class-map match-any P2P
 match protocol fasttrack
 match protocol gnutella
 match protocol napster
 match protocol http url "\.hash=*"
 match protocol http url "/.hash=*"
 match protocol kazaa2
 match protocol bittorrent
 match protocol directconnect
 match protocol edonkey
 match protocol ftp
!
policy-map P2P
 class P2P
  police cir 8000 bc 1500 be 1500
   conform-action drop
   exceed-action drop
!
! Dialer0, or other external WAN interface
int Dialer0
 ip nbar protocol-discovery
 service-policy input P2P
 service-policy output P2P
!
! e0, or other internal LAN interface
int e0
 ip nbar protocol-discovery
 service-policy input P2P
 service-policy output P2P
!

Now.... as far as I'm aware this does not need an ACL configured.

Show Policy-map interface

will give you an idea of what packets are being dropped.

hope this helps

Stephen

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful
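
Added example (not part of the original thread or of Stephen's config): a small Python parser for the `show policy-map interface` output mentioned above, reporting per-protocol NBAR hit counts and policed drops for each class. The sample output is constructed and its layout is an assumption about the usual IOS format; the function names are hypothetical.

```python
import re
# Constructed sample of "show policy-map interface" output (not from the thread).
SAMPLE = """\
 Dialer0
  Service-policy input: P2P
    Class-map: P2P (match-any)
      1520 packets, 912000 bytes
      Match: protocol gnutella
        1500 packets, 900000 bytes
      Match: protocol bittorrent
        20 packets, 12000 bytes
      Match: protocol edonkey
        0 packets, 0 bytes
      police:
          cir 8000 bps, bc 1500 bytes, be 1500 bytes
        conformed 1400 packets, 840000 bytes; actions:
          drop
        exceeded 120 packets, 72000 bytes; actions:
          drop
    Class-map: class-default (match-any)
      Match: any
"""

def parse_policy_output(text):
    """Map (direction, class) -> per-protocol hit counts and policed drops."""
    stats, key, direction, proto, in_police, pending = {}, None, None, None, False, 0
    for line in text.splitlines():
        s = line.strip()
        if m := re.match(r"Service-policy (input|output): ", s):
            direction = m.group(1)
        elif m := re.match(r"Class-map: (\S+)", s):
            key, proto, in_police = (direction, m.group(1)), None, False
            stats[key] = {"matches": {}, "dropped": 0}
        elif m := re.match(r"Match: protocol (.+)", s):
            proto = m.group(1)          # the next "N packets" line belongs to it
        elif s.startswith("police:"):
            proto, in_police = None, True
        elif in_police and (m := re.match(r"(?:conformed|exceeded|violated) (\d+) packets", s)):
            pending = int(m.group(1))   # counted only if the action below is drop
        elif in_police and s == "drop":
            stats[key]["dropped"] += pending
            pending = 0
        elif proto and (m := re.match(r"(\d+) packets", s)):
            stats[key]["matches"][proto] = int(m.group(1))
            proto = None
    return stats

def zero_hit_protocols(stats):  # matched protocols NBAR never classified
    return sorted(p for c in stats.values() for p, n in c["matches"].items() if n == 0)
```

A protocol that stays at zero hits while its client is known to be running on the LAN means NBAR is not classifying that traffic, so the drop policy never applies to it.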

Ah... sorry, just had a look on the net and realised that the new LimeWire V4 is bypassing Cisco's NBAR. Although, as a side note, LimeWire is based on the Gnutella protocol, so the above NBAR list should stop most LimeWire activity.

See here

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455985.html

Hope this Helps

Thanks

Stephen


Hi Stephen,

The above configuration you sent I have already done, but it does not work, and the second link about custom PDLM also does not work. These ports are already mapped to Gnutella. But LimeWire is still unblocked.

Thanks,

Do these policies work on a router-on-a-stick?

I mean, if a router is the default gateway for a LAN, and both incoming and outgoing traffic is on the same interface? I have this configured and I can see hits, but all bad applications still have access out.
