9.2 alternate solution (block snmp) using mqc

policy-map qos_in_from_bb2
 class snmp
   drop

class-map match-any snmp
 match protocol snmp



BBB2#telnet 2.2.2.2 161
Trying 2.2.2.2, 161 ...

BB2#telnet 2.2.2.2 162
Trying 2.2.2.2, 162 ...



R5#sh policy-map int e 0/1
 Ethernet0/1

  Service-policy input: qos_in_from_bb2

    Class-map: snmp (match-any)
      8 packets, 480 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: protocol snmp
        0 packets, 0 bytes
        5 minute rate 0 bps
      Match: protocol smtp
        8 packets, 480 bytes
        5 minute rate 0 bps
      drop


......didnt see this in archives.
.......when matching with above method...both ports 161 and 162 get dropped..

Sign In or Register to comment.