From: Mark H. Turpin (MHTurpin@basspro.com)
Date: Thu Nov 11 2004 - 20:29:31 GMT-3
I don't believe using the pipe inside quotes will work the way you want
it to.
i think the cisco way is using the -all or -any methods...
-----Original Message-----
From: ccie2be [mailto:ccie2be@nyc.rr.com]
Sent: Thursday, November 11, 2004 4:54 PM
To: Mark H. Turpin
Subject: Re: match protocol http [ url vs mime ]
HeHeHe.
Of course, that's the easy way to do this.
But, let me ask you something.
When you're taking the lab, if there's an easy way do to something and a
difficult way to do the same thing, which way will CISCO insist you do
it?
----- Original Message -----
From: "Mark H. Turpin" <MHTurpin@basspro.com>
To: "Group Study" <ccielab@groupstudy.com>
Sent: Thursday, November 11, 2004 5:16 PM
Subject: RE: match protocol http [ url vs mime ]
> Can't you just use the class-map match type to do the or?
>
> 2600(config)#class-map ?
> WORD class-map name
> match-all Logical-AND all matching statements under this classmap
> match-any Logical-OR all matching statements under this classmap
>
> So, if you're wanting to perform an AND operation, use -all. If
you're
> wanting to OR, I'd use match-any.
>
> -mark
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> ccie2be
> Sent: Thursday, November 11, 2004 2:27 PM
> To: swm@emanon.com; 'Group Study'
> Subject: Re: match protocol http [ url vs mime ]
>
> Hi Scott,
>
> Thanks for getting back to me.
>
> Before I posted the questions below I did a google and found the rfc
for
> mime. Here's the link for anyone interested:
>
> http://www.mhonarc.org/~ehood/MIME/2045/rfc2045.html
>
> I started reading it but after a while my eyes glazed over and I
didn't
> find
> anything that actually helped me figure out whether I should use the
url
> or
> mime parameter of the match prot http command to accomplish this task.
>
> Maybe my brain isn't in good working order at the moment, but after
> reading
> your response, I'm still not sure whether I should use the url or mime
> parameter in the match protocol http command to classify jpeg's,
gif's,
> mpeg's, etc.
>
> So, let's say I want to block web surfers from downloading jpeg's and
> avi's.
>
> Would I use
>
> match prot http url "*jpeg | *avi"
>
> or
>
> match prot http mime "*jpeg | *avi"
>
> Notice that I used the bar | to specify either jpeg OR avi. Is that
OK?
>
> Thanks, Tim
>
> ----- Original Message -----
> From: "Scott Morris" <swm@emanon.com>
> To: "'ccie2be'" <ccie2be@nyc.rr.com>; "'Group Study'"
> <ccielab@groupstudy.com>
> Sent: Thursday, November 11, 2004 2:32 PM
> Subject: RE: match protocol http [ url vs mime ]
>
>
> > The protocol type represents a field within the HTTP structures...
It
> will
> > never look like "*.jpeg". That's a filename call, and within the
URL.
> >
> > MIME types are "image/jpeg", "image/gif", "video/avi" and things
like
> > that... There's an RFC about Multimedia Independent Mail Extensions
> (MIME),
> > but I don't recall what its number is...
> >
> > Otherwise, take a look at your File Associations table in Windows
and
> you'll
> > have an idea for different MIME types and their name.
> >
> > HTH,
> >
> >
> > Scott Morris, MCSE, CCDP, CCIE4 (R&S/ISP-Dial/Security/Service
> Provider)
> > #4713, JNCIP, CCNA-WAN Switching, CCSP, Cable Communications
> Specialist,
> IP
> > Telephony Support Specialist, IP Telephony Design Specialist, CISSP
> > CCSI #21903
> > swm@emanon.com
> >
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > ccie2be
> > Sent: Thursday, November 11, 2004 12:31 PM
> > To: Group Study
> > Subject: match protocol http [ url vs mime ]
> >
> > Hi guys,
> >
> > I need some help figuring out when to use the "mime" parameter when
> matching
> > traffic.
> >
> > For example, if I want to apply a policy which filters or restricts
> traffic
> > that contains jpeg files which config should I use?
> >
> > class-map jpeg
> > match protocol http url "*.jpeg"
> >
> > or
> >
> > match protocol http mime "*.jpeg"
> >
> >
> > Also, can regular expressions be used within the quote marks?
> >
> > For example, is this OK?
> >
> > match prot http mime "*.jpeg | *.jpg | *.mpeg"
> >
> >
> > Any insight or help is greatly appreciated.
> >
> > TIA, Tim
> >
> >
>
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:42 GMT-3