match protocol http url

From: nhqky888@ybb.ne.jp
Date: Sun Sep 04 2005 - 01:28:38 GMT-3

• Next message: nenad pudar: "Changing the distance for specific subset of OSPF routes"
• Previous message: John Matus: "Re: How to guarantee the latency"
• Next in thread: John Matus: "Re: match protocol http url"
• Maybe reply: John Matus: "Re: match protocol http url"
• Maybe reply: John Matus: "Re: match protocol http url"
• Maybe reply: John Matus: "Re: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Gajewski Mariusz - TP POLPAK: "RE: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Rob Nockowitz: "RE: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Rob Nockowitz: "RE: match protocol http url"
• Maybe reply: kumara.shunmugam@wipro.com: "RE: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Scott Morris: "RE: match protocol http url"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi all,

Here is a task,

Inbound http traffic including .gif, .jpeg, .jpg should be limited to 100K.
All any other http files should be droped.

My solution;

ip cef
!
 class-map match-any police
  match protocol http url "*.gif"
  match protocol http url "*.jpg"
  match protocol http url "*.jpeg"
 class-map match-all drop
  match not class-map police
  match protocol http url "*.*"
!
!
 policy-map NBAR
  class police
   police cir 100000
     conform-action transmit
     exceed-action drop
  class drop
   drop
!
interface Ethernet0/0.9
 encapsulation dot1Q 9
 ip address 1.1.9.3 255.255.255.0
 service-policy input NBAR
!

Does "*.*" mean any http files on my soluiton?

Correct me if I am wrong.

KY

• Next message: nenad pudar: "Changing the distance for specific subset of OSPF routes"
• Previous message: John Matus: "Re: How to guarantee the latency"
• Next in thread: John Matus: "Re: match protocol http url"
• Maybe reply: John Matus: "Re: match protocol http url"
• Maybe reply: John Matus: "Re: match protocol http url"
• Maybe reply: John Matus: "Re: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Gajewski Mariusz - TP POLPAK: "RE: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Rob Nockowitz: "RE: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Rob Nockowitz: "RE: match protocol http url"
• Maybe reply: kumara.shunmugam@wipro.com: "RE: match protocol http url"
• Maybe reply: Chris Lewis \(chrlewis\): "RE: match protocol http url"
• Maybe reply: Scott Morris: "RE: match protocol http url"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:14 GMT-3