We have been using Cisco's PDLMs with NBAR for blocking P2P apps for a while now and they have always worked well. We are having a problem with the new version of Limewire. Has anyone successfully blocked it yet? We have a packet capture of it and can't figure out a way to successfully block it. It uses some Java random port generator. I believe a special PDLM will have to be written for this, much like the Kazaa2 one published by Cisco.
Snip of my config:
ip nbar port-map custom-02 tcp 6699 8875 8888 6700 6666 6677 6688 4444 5555 5000
ip nbar port-map custom-01 udp 1900 41170
class-map match-any QOS
 match protocol kazaa2
 match protocol http url "\\.hash=*"
 match protocol http url "/.hash=*"
 match protocol custom-01
 match protocol edonkey
 match protocol winmx
 match protocol bittorrent
 match protocol netbios
 match protocol custom-02
 match protocol directconnect
 match protocol gnutella file-transfer "*"
 match protocol fasttrack file-transfer "*"
policy-map block_peer_peer
 description Drops Peer to Peer applications traffic
 class QOS
  drop
Any help is greatly appreciated.
Paul snipped-for-privacy@alaweb.com AlaWeb.com
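
The gap described in the post, as an added example that is not part of the original post and is not Cisco's NBAR code: a simplified model that checks the post's two port maps first and a payload match for the plaintext Gnutella 0.6 handshake second, then lists the flows that neither rule classifies. The `classify` and `unclassified` helpers, the handshake regex and the sample flows are assumptions constructed for illustration.

```python
import re

# Port maps copied from the post's config; everything else here is constructed.
CONFIG = """\
ip nbar port-map custom-02 tcp 6699 8875 8888 6700 6666 6677 6688 4444 5555 5000
ip nbar port-map custom-01 udp 1900 41170
"""
PORT_MAP_RE = re.compile(r"^ip nbar port-map (\S+) (tcp|udp) ([\d ]+)$", re.M)
# Plaintext Gnutella 0.6 handshake: "GNUTELLA CONNECT/0.6" (request)
# or "GNUTELLA/0.6 200 OK" (reply) at the start of the TCP stream.
HANDSHAKE_RE = re.compile(rb"^GNUTELLA(?: CONNECT)?/0\.6")


def parse_port_maps(config):
    """Return {(proto, port): custom-name} for each 'ip nbar port-map' line."""
    table = {}
    for name, proto, ports in PORT_MAP_RE.findall(config):
        for port in ports.split():
            table[(proto, int(port))] = name
    return table


def classify(flow, table):
    """Port map first, then payload signature; None means no rule matched."""
    proto, dport, payload = flow
    name = table.get((proto, dport))
    if name:
        return name
    if proto == "tcp" and HANDSHAKE_RE.match(payload):
        return "gnutella"
    return None


def unclassified(flows, table):
    """Flows that fall through every rule, so the drop policy never sees them."""
    return [f for f in flows if classify(f, table) is None]


# Constructed sample flows: (protocol, destination port, first payload bytes).
SAMPLE_FLOWS = [
    ("tcp", 6699, b""),                                  # listed in custom-02
    ("udp", 1900, b"M-SEARCH * HTTP/1.1\r\n"),           # listed in custom-01
    ("tcp", 49731, b"GNUTELLA CONNECT/0.6\r\nUser-Agent: example\r\n"),
    ("tcp", 51822, b"\x8f\x02\xa1\x00\x17"),             # unlisted port, opaque bytes
]

if __name__ == "__main__":
    table = parse_port_maps(CONFIG)
    for flow in SAMPLE_FLOWS:
        print(flow[0], flow[1], "->", classify(flow, table))
    print("unclassified:", unclassified(SAMPLE_FLOWS, table))
```

Running the same check over flows exported from a packet capture shows which sessions the port lists miss and whether a payload signature would still catch them.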