From: Sean C (Upp_and_Upp@hotmail.com)
Date: Sat Jun 04 2005 - 11:08:31 GMT-3
Hi Sumit,
I appreciate the answer because I'm an admitted newbie on this - but what is
the difference then? Or, more specifically, what is the value of using the
'match http host' command? I think I understand that 'match http host' will
just search the http header, and 'match http url' will look at the
requests - but I'm not sure why to use 'host' at all then.
I tried a couple of googles but still don't see the value. Appreciate any
help offered,
Sean
----- Original Message -----
From: <sumit.kumar@comcast.net>
To: "Sam Joseph" <samjoseph747@hotmail.com>; <ccie2be@nyc.rr.com>;
<stephentfisher@yahoo.com>; <ccielab@groupstudy.com>
Sent: Friday, June 03, 2005 8:23 PM
Subject: RE: using NBAR to match web traffic
> Remember "match http url' looks at the GET/PUT/TRACE etc. requests whereas
> "match http host" searches the host field in the http header.
>
> Google "http header" , lot of sites allow you to see the http header for
> any url. That will give a clear understanding.
>
> Sumit
> -------------- Original message --------------
>
>> How about this Config:
>>
>> class-map match-all WEB-APP
>> match protocol http host *www.web-based-app.com*
>> match protocol http url *webapp/*
>>
>> Thanks.
>>
>> >From: "ccie2be"
>> >Reply-To: "ccie2be"
>> >To: "'Stephen Fisher'" , "Group Study"
>> >
>> >Subject: RE: using NBAR to match web traffic
>> >Date: Fri, 3 Jun 2005 18:50:32 -0400
>> >
>> >Hey Steve,
>> >
>> >Actually, that missing * was a typo. I meant to include it.
>> >
>> >The reason I posted this question was because the IE Solution was
>> >different.
>> >
>> >This is the IE solution:
>> >
>> >class-map match-all WEB-APP
>> > match prot http host "www.web-based-app.com"
>> > match prot http url "webapp/*"
>> >
>> >
>> >As you can see, IE breaks it down into 2 match statements. And, I wanted
>> >to
>> >know if the way I thought of would work being that it's different from
>> >the
>> >IE Solution.
>> >
>> >I know that often there is more than 1 correct way to accomplish
>> >something
>> >but without knowing how to verify my config, I can't be sure if this is
>> >one
>> >of them.
>> >
>> >Thanks for getting back to me.
>> >
>> >-----Original Message-----
>> >From: Stephen Fisher [mailto:stephentfisher@yahoo.com]
>> >Sent: Friday, June 03, 2005 6:28 PM
>> >To: ccielab@groupstudy.com
>> >Cc: ccie2be
>> >Subject: Re: using NBAR to match web traffic
>> >
>> >On Fri, Jun 03, 2005 at 01:52:45PM -0400, ccie2be wrote:
>> >
>> > > I want to permit users to access only a web based application which
>> > > has a root directory of
>> > >
>> > > http://www.web-based-app.com/webapp/
>> > >
>> > > Will this work?
>> > >
>> > > class-map WEB-APP
>> > > match protocol http url "http://www.web-based-app.com/webapp/"
>> >
>> >My notes from practicing this topic say that you need to put wildcards
>> >or else it will match only what you specify for the URL field, so
>> >try this:
>> >
>> > match protocol http url "http://www.web-based-app.com/webapp/*"
>> >
>> >Although I could be wrong?
>> >
>> > > In the lab, if giving a similar fake url, is there any way to verify
>> > > my config is correct?
>> >
>> >I can't think of any other than knowing how it works before hand :(
>> >
>> >
>> >Steve
>> >
>> >_______________________________________________________________________
>> >Subscription information may be found at:
>> >http://www.groupstudy.com/list/CCIELab.html
>>
>> _________________________________________________________________
>> Express yourself instantly with MSN Messenger! Download today - it's
>> FREE!
>> http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:40 GMT-3