From: Ivan (ivan@iip.net)
Date: Sun Feb 04 2007 - 18:00:08 ART
class-map match-all CISCO.COM
match ip acl 101
match protocol http host "www.cisco.com"
match protocol http url "/go/ccie"
acl 101 permit ip 10.10.10.0 0.0.0.255 any
HTTP request send from browser to server dump below.
match protocol http host seek for equal field value at the "Host:" string,
match protocol http url in "GET " string.
Common error is match url as entire string "www.cisco.com/go/ccie". You see
here that it is not possible.
GET /go/ccie HTTP/1.1[CRLF]
Host: www.cisco.com[CRLF]
Connection: close[CRLF]
Accept-Encoding: gzip[CRLF]
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
[CRLF]
Accept-Language: en-us,en;q=0.5[CRLF]
Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7[CRLF]
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061010
Firefox/2.0 Web-Sniffer/1.0.24[CRLF]
Referer: http://web-sniffer.net/[CRLF]
[CRLF]
On Sunday 04 February 2007 23:15, Thomas.W.Johnson@chase.com wrote:
> I have a rather complex Qos question. How do you match return traffic from
> a URL? For example, I want to match return traffic from users on subnet
> 10.10.10.0/24 that are accessing the URL www.cisco.com/go/ccie
>
> I saw in the documentation there are three match protocol http commands.
> Match protocol http url, match protocol http c-header and match protocol
> http s-header and I have a hunch the solution is in one of these commands
> combined with an access-list, but I did not find the documentation about
> these commands very clear.
>
> Thanks in advance
>
> - Thomas
>
>
> **********************************************************************
> This transmission may contain information that is privileged, confidential,
> legally privileged, and/or exempt from disclosure under applicable law. If
> you are not the intended recipient, you are hereby notified that any
> disclosure, copying, distribution, or use of the information contained
> herein (including any reliance thereon) is STRICTLY PROHIBITED. Although
> this transmission and any attachments are believed to be free of any virus
> or other defect that might affect any computer system into which it is
> received and opened, it is the responsibility of the recipient to ensure
> that it is virus free and no responsibility is accepted by JPMorgan Chase &
> Co., its subsidiaries and affiliates, as applicable, for any loss or damage
> arising in any way from its use. If you received this transmission in
> error, please immediately contact the sender and destroy the material in
> its entirety, whether in electronic or hard copy format. Thank you.
> **********************************************************************
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
-- Ivan
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:46 ART