hello
you didn't enable Nbar protocol discovery under the interface gi0/2.
please issue the command below.
int gi0/2
ip nbar protocol-discovery then verify
regards
Muhammad Adnan
On Tue, Jun 2, 2009 at 12:49 PM, Abdul Muhammed <abdulmuri_at_gmail.com> wrote:
> Hi,
>
> I configured NBAR on 7200 series router to drop some unwanted traffic from
> sites like rapidshare, mediafire and others, but it matches the traffic,
> but
> drop ratio is zero( no dropping).
> below is a result of my show policy-map int g0/2
>
> please why is it not dropping the packets.
>
> sh policy-map int g0/2
> GigabitEthernet0/2
>
> Service-policy input: policy1
>
> Class-map: downloader (match-any)
> 31 packets, 6418 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol http url "*.4shared"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*youtube*"
> 31 packets, 6418 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.googlevideo.*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*googlevideo*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.mediafire.*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*mediafire*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*rapidshare*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.rapidshare.*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.tube8.*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*tube8*"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> police:
> cir 8000 bps, bc 1500 bytes
> conformed 13 packets, 790 bytes; actions:
> drop
> exceeded 0 packets, 0 bytes; actions:
> drop
> conformed 0 bps, exceed 0 bps
>
> Class-map: p2p (match-any)
> 5 packets, 5798 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol edonkey
> 5 packets, 5798 bytes
> 5 minute rate 0 bps
> Match: protocol fasttrack
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol finger
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol kazaa2
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol bittorrent
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol gnutella
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol napster
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol vdolive
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> police:
> cir 8000 bps, bc 1500 bytes
> conformed 1 packets, 1434 bytes; actions:
> drop
> exceeded 0 packets, 0 bytes; actions:
> drop
> conformed 0 bps, exceed 0 bps
>
> Class-map: class-default (match-any)
> 413369 packets, 396012906 bytes
> 5 minute offered rate 1786000 bps, drop rate 0 bps
> Match: any
>
> --
> Cherish your visions and your dreams as they are the children of your soul,
> the blueprints of your ultimate achievements. "Napoleon Hill"
>
> There are no limitations to the mind except those we acknowledge; both
> poverty and riches are the offspring of thought. "Napoleon Hill"
>
> Abdul Muhammed Murtala
> American University of Nigeria
> Lamido Zubairu way, Yola
> Adamawa
> +2348052001153, +2348056201237
>
> Network Manager
> MCSE,MCDBA,MCSA,OCPDBA,CCNA,CCIE Written.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Jun 02 2009 - 13:10:04 ART
This archive was generated by hypermail 2.2.0 : Wed Jul 01 2009 - 20:02:36 ART