RE : MQC to filter MIME-types

From: Richard Dumoulin (Richard.Dumoulin@vanco.fr)
Date: Sat Sep 18 2004 - 07:43:57 GMT-3

• Next message: Carlos G Mendioroz: "Re: RE : MQC to filter MIME-types"
• Previous message: Joe Rothstein: "Lab 3 Cisco Press backup solution"
• Next in thread: Carlos G Mendioroz: "Re: RE : MQC to filter MIME-types"
• Maybe reply: Carlos G Mendioroz: "Re: RE : MQC to filter MIME-types"
• Maybe reply: Joseph D. Phillips: "Re: RE : MQC to filter MIME-types"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C49D6C.6B6D1038
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Here I have to disagree. With the "match protocol http url" command you are
matching http traffic by the url.
Jpg, jpeg etc... are mime types so to match traffic based on this you have
to use the "match protocol http mime ..." command,

 http://www.isi.edu/in-notes/iana/assignments/media-types/media-types

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos
_r/qrfcmd5.htm#wp1066747

--Richard

-----Message d'origine-----
De=A0: Carlos G Mendioroz [mailto:tron@huapi.ba.ar]=20
Envoy=E9=A0: Saturday, September 18, 2004 12:24 PM
=C0=A0: Julian Skelley
Cc=A0: Joseph D. Phillips; group study
Objet=A0: Re: MQC to filter MIME-types

AFAIK, "protocol http mime" is for mime type, so "*image*" might be a=20
good parameter to it.
"protocol http url" should be used for matching the actual URL, usually=20
a file name, thus "*jpg" would work.
protocol http url "*.(jpg|bmp|gif|jpeg)" can be used instead of multiple=20
lines.

Julian Skelley wrote:

> Hi Joseph
>=20
> I tried this last night with no success, I have set it up as the doc
suggest but can not seem to "catch" anything with the map.
>=20
> I must have missed something but I am not sure what?!
>=20
> Can anyone help?
>=20
> Thanks
> J
>=20
> The set up was:
>=20
> WWW_SERVER---174.1.167.x---[r6]---174.1.26.x---BROWSER
>=20
> r6
> ip cef
> !
> class-map match-any PICS
> match protocol http mime "*jpg"
> match protocol http mime "*gif"
> match protocol http mime "*jpeg"
> !=20
> policy-map HTTP_OUT
> class PICS
> drop =20
> !
> interface FastEthernet0/0.26
> encapsulation dot1Q 26
> ip address 174.1.26.6 255.255.255.0
> service-policy output HTTP_OUT
>=20
> r6#sh policy-map int f0/0.26
> FastEthernet0/0.26=20
>=20
> Service-policy input: HTTP_OUT
>=20
> Class-map: PICS (match-any)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol http mime "*jpg"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http mime "*gif"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http mime "*jpeg"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> drop
>=20
> Class-map: class-default (match-any)
> 5972 packets, 434656 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: any=20
>=20
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Joseph D. Phillips
> Sent: 17 September 2004 17:52
> To: group study
> Subject: MQC to filter MIME-types
>=20
>=20
> If you wanted to filter out all picture files from entering an=20
> interface, would you have to specify every extension, using MQC? Or is=20
> there a way to filter them all at once?
>=20
> E.g. match protocol http mime "*jpeg"
> E.g. match protocol http mime "*tiff"
> E.g. match protocol http mime "*jpg"
> E.g. match protocol http mime "*gif"
> E.g. match protocol http mime "*bmp"
>=20
> _______________________________________________________________________
> Subscription information may be found at:=20
> http://www.groupstudy.com/list/CCIELab.html
> *********************************************************
> CONFIDENTIALITY NOTICE
> The information contained in this e-mail and any
> attachments to it are for the exclusive use of the
> intended recipient(s).=20
> It may be confidential and contain privileged information and will be
protected by copyright.=20
> If you are not the intended recipient(s) you must not review, copy,
distribute or in any other way use or rely on the information contained in
the message.=20
>=20
> If you have received this e-mail in error, please notify us by e-mail
Administrator@itex.je, Tel: +44 1534 633633 or Fax: +44 1534 633644 and then
delete all copies from your system.
>=20
> http://www.Itex.je
> http://www.Itex.gg
> http://www.ThisisJersey.com
> http://www.ThisisGuernsey.com
>=20
> *********************************************************
>=20
> This message has been checked for all known viruses by e:)scan. For
further information visit: http://www.activis.com/
>=20
> _______________________________________________________________________
> Subscription information may be found at:=20
> http://www.groupstudy.com/list/CCIELab.html
>=20

--=20
Carlos G Mendioroz <tron@huapi.ba.ar> LW7 EQI Argentina

• Next message: Carlos G Mendioroz: "Re: RE : MQC to filter MIME-types"
• Previous message: Joe Rothstein: "Lab 3 Cisco Press backup solution"
• Next in thread: Carlos G Mendioroz: "Re: RE : MQC to filter MIME-types"
• Maybe reply: Carlos G Mendioroz: "Re: RE : MQC to filter MIME-types"
• Maybe reply: Joseph D. Phillips: "Re: RE : MQC to filter MIME-types"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:45 GMT-3