From: Scott Morris (swm@emanon.com)
Date: Sun Feb 04 2007 - 18:23:53 ART
Well... From a header detail I'd agree with you, but that also depends on
whether NBAR puts URI information together or not. (not to mention the
example given there is a forwarder anyway)
And I'm not currently set up passing through a device that I can put QoS on
to quickly test whether something will still match. You're right though, in
the header the host field and URI (all part of the URL) are separated into
different fields.
All of the examples give though tend to pull things together, so....
*shrug* Could be incorrect documentation.
Anyone care to test it out and see if some matches occur or not? (pick
something that doesn't redirect/forward you to someplace else though!)
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Ivan
Sent: Sunday, February 04, 2007 4:00 PM
To: ccielab@groupstudy.com; Thomas.W.Johnson@chase.com
Subject: Re: QoS Question
class-map match-all CISCO.COM
match ip acl 101
match protocol http host "www.cisco.com"
match protocol http url "/go/ccie"
acl 101 permit ip 10.10.10.0 0.0.0.255 any
HTTP request send from browser to server dump below.
match protocol http host seek for equal field value at the "Host:" string,
match protocol http url in "GET " string.
Common error is match url as entire string "www.cisco.com/go/ccie". You see
here that it is not possible.
GET /go/ccie HTTP/1.1[CRLF]
Host: www.cisco.com[CRLF]
Connection: close[CRLF]
Accept-Encoding: gzip[CRLF]
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=
0.8,image/png,*/*;q=0.5
[CRLF]
Accept-Language: en-us,en;q=0.5[CRLF]
Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7[CRLF]
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061010
Firefox/2.0 Web-Sniffer/1.0.24[CRLF]
Referer: http://web-sniffer.net/[CRLF]
[CRLF]
On Sunday 04 February 2007 23:15, Thomas.W.Johnson@chase.com wrote:
> I have a rather complex Qos question. How do you match return traffic
> from a URL? For example, I want to match return traffic from users on
> subnet
> 10.10.10.0/24 that are accessing the URL www.cisco.com/go/ccie
>
> I saw in the documentation there are three match protocol http commands.
> Match protocol http url, match protocol http c-header and match
> protocol http s-header and I have a hunch the solution is in one of
> these commands combined with an access-list, but I did not find the
> documentation about these commands very clear.
>
> Thanks in advance
>
> - Thomas
>
>
> **********************************************************************
> This transmission may contain information that is privileged,
> confidential, legally privileged, and/or exempt from disclosure under
> applicable law. If you are not the intended recipient, you are hereby
> notified that any disclosure, copying, distribution, or use of the
> information contained herein (including any reliance thereon) is
> STRICTLY PROHIBITED. Although this transmission and any attachments
> are believed to be free of any virus or other defect that might affect
> any computer system into which it is received and opened, it is the
> responsibility of the recipient to ensure that it is virus free and no
> responsibility is accepted by JPMorgan Chase & Co., its subsidiaries
> and affiliates, as applicable, for any loss or damage arising in any
> way from its use. If you received this transmission in error, please
> immediately contact the sender and destroy the material in its entirety,
whether in electronic or hard copy format. Thank you.
> **********************************************************************
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
-- Ivan
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:46 ART