From: Snow, Tim (timothy.snow@eds.com)
Date: Mon Sep 22 2003 - 04:13:33 GMT-3
Can you try using your match statement with "" (quotes) per the following
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121
limit/121e/121e2/nbar2e.htm#xtocid2979330
Step 1 Classify all secure HTTP and HTTP traffic for the /transact/
directory:
Router(config)# class-map match-all http_transact
Router(config-cmap)# match protocol http url "/transact/*"
Router(config)# class-map match-all http_secure
Router(config-cmap)# match protocol secure-http
Router(config)# class-map match-any ecommerce
Router(config-cmap)# match class-map http_transact
Router(config-cmap)# match class-map http_secure
Although there are also configuration examples where they don't use the ""
You do have CEF turned on right?
Tim
#12042
-----Original Message-----
From: sumedh rangari [mailto:sumedhr@gtllimited.com]
Sent: Monday, September 22, 2003 2:11 AM
To: Ccielab (E-mail)
Subject: Traffic filtering on Router based on URLs
Hi Guys,
We had tried unsucessfully to filter traffic based on URLs
Matching Criteria : If the URL contains www.abc.com and /group/xyz then the
the HTTP request packet should be dropped. Allow HTTP request to other
groups on www.abc.com
Allow HTTP request to all Websites.
Tried Solution :
class-map match-all abc_groups
match protocol host www.abc.com
match protocol http url /group/xyz
policy-map drop-outbound-abc-http
class abc_groups
police cir 1000000 bc 31250 be 31250
conform-action drop
exceed-action drop
interface Serial11/1/2
Description " Internet Link"
service-policy output drop-outbound-abc-http
This solution doesnt seem to work.
Pls revert back with alternative solutions for the same or any corrections
in the above Solution.
rgds
Sumedh R
***Get your CCIE and a FREE vacation: Shop.GroupStudy.com***
This archive was generated by hypermail 2.1.4 : Wed Oct 01 2003 - 07:24:33 GMT-3