RE: using NBAR to match web traffic

From: sumit.kumar@comcast.net
Date: Fri Jun 03 2005 - 21:23:10 GMT-3

• Next message: Scott Morris: "RE: NAT vs SLB"
• Previous message: asadovnikov: "RE: load balancing problem"
• Maybe in reply to: ccie2be: "using NBAR to match web traffic"
• Next in thread: Sean C: "Re: using NBAR to match web traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Remember "match http url' looks at the GET/PUT/TRACE etc. requests whereas "match http host" searches the host field in the http header.

Google "http header" , lot of sites allow you to see the http header for any url. That will give a clear understanding.

Sumit
-------------- Original message --------------

> How about this Config:
>
> class-map match-all WEB-APP
> match protocol http host *www.web-based-app.com*
> match protocol http url *webapp/*
>
> Thanks.
>
> >From: "ccie2be"
> >Reply-To: "ccie2be"
> >To: "'Stephen Fisher'" , "Group Study"
> >
> >Subject: RE: using NBAR to match web traffic
> >Date: Fri, 3 Jun 2005 18:50:32 -0400
> >
> >Hey Steve,
> >
> >Actually, that missing * was a typo. I meant to include it.
> >
> >The reason I posted this question was because the IE Solution was
> >different.
> >
> >This is the IE solution:
> >
> >class-map match-all WEB-APP
> > match prot http host "www.web-based-app.com"
> > match prot http url "webapp/*"
> >
> >
> >As you can see, IE breaks it down into 2 match statements. And, I wanted
> >to
> >know if the way I thought of would work being that it's different from the
> >IE Solution.
> >
> >I know that often there is more than 1 correct way to accomplish something
> >but without knowing how to verify my config, I can't be sure if this is one
> >of them.
> >
> >Thanks for getting back to me.
> >
> >-----Original Message-----
> >From: Stephen Fisher [mailto:stephentfisher@yahoo.com]
> >Sent: Friday, June 03, 2005 6:28 PM
> >To: ccielab@groupstudy.com
> >Cc: ccie2be
> >Subject: Re: using NBAR to match web traffic
> >
> >On Fri, Jun 03, 2005 at 01:52:45PM -0400, ccie2be wrote:
> >
> > > I want to permit users to access only a web based application which
> > > has a root directory of
> > >
> > > http://www.web-based-app.com/webapp/
> > >
> > > Will this work?
> > >
> > > class-map WEB-APP
> > > match protocol http url "http://www.web-based-app.com/webapp/"
> >
> >My notes from practicing this topic say that you need to put wildcards
> >or else it will match only what you specify for the URL field, so
> >try this:
> >
> > match protocol http url "http://www.web-based-app.com/webapp/*"
> >
> >Although I could be wrong?
> >
> > > In the lab, if giving a similar fake url, is there any way to verify
> > > my config is correct?
> >
> >I can't think of any other than knowing how it works before hand :(
> >
> >
> >Steve
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's FREE!
> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Scott Morris: "RE: NAT vs SLB"
• Previous message: asadovnikov: "RE: load balancing problem"
• Maybe in reply to: ccie2be: "using NBAR to match web traffic"
• Next in thread: Sean C: "Re: using NBAR to match web traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:40 GMT-3