From: Ian Blaney (ian.blaney@gmail.com)
Date: Sun Feb 18 2007 - 07:38:21 ART
Victor,

Could the DIE-SCUM class-map not be shortened to the following?

class-map match-all DIE-SCUM
 description DROP IMAGES FROM THAT WEB SERVER
 match class-map IMAGES
 match class-map POLICE

Also, to match on images, do you not use the mime option instead of url?

class-map match-any IMAGES
 description MATCH ANY IMAGE
 match protocol http mime "*jpeg"
 match protocol http mime "*jpg"
 match protocol http mime "*gif"

Ian

On 2/18/07, Victor Cappuccio <victor@ccbootcamp.com> wrote:
> Hi Jo,
>
> Try this and let me know your comments
>
> policy-map CCBOOTCAMP
>  description THIS PLCY IS TAKEN FROM A DRAFT VERSION OF THE NEW NLI WB
>  class DIE-SCUM
>   drop
>  class POLICE
>   police 64000
>  class class-default
> !
>
> class-map match-any IMAGES
>  description MATCH ANY IMAGE
>  match protocol http url "*.jpg"
>  match protocol http url "*.gif"
>  match protocol http url "*.jpeg"
>
> class-map match-all POLICE
>  description LETS POLICE BROWSING TO THAT WEBSERVER
>  match protocol http host "www.acmecomputers.com"
>  match protocol http url "/directory/*"
>  match access-group 100
>
> class-map match-all DIE-SCUM
>  description DROP IMAGES FROM THAT WEB SERVER
>  match class-map IMAGES
>  match protocol http host "www.acmecomputers.com"
>  match protocol http url "/directory/*"
>  match access-group 100
> !
>
> access-list 100 permit ip any any
>
>
> int f0/2
>  service-policy input CCBOOTCAMP
>
>
> If you need help in the verification, let me know, maybe we can share a rack,
> and explain how to test this.
>
> thanks,
> Victor Cappuccio.-
> Network Learning Inc - A Cisco Sponsored Organization (SO) YES! We take
> Cisco Learning credits!
> victor@ccbootcamp.com
> http://www.ccbootcamp.com (Cisco Training and Rental Racks)
> http://www.ccbootcamp.com/groupstudy.html (groupstudy member discounts!)
> Voice: 702-968-5100
> FAX: 702-446-8012
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com on behalf of Jo Johnson
> Sent: Sat 2/17/2007 13:00
> To: Cisco certification
> Subject: NBAR question
>
> Hi all,
>
> Here is another NBAR question. In general, I have a hard time understanding
> the definition of the "match protocol http" (host, url, and mime) command,
> but I have some examples of my interpretation below:
>
>
> I want to police response traffic from www.acmecomputers.com/files except
> images--that I want to drop.
>
> Question: Is it possible to combine the host www.acmecomputers.com and the
> url /files into one match statement? Also, what are your thoughts on my
> solution below?
>
> Thanks
>
> class-map IMAGES
>  match protocol http url *.jpeg
>  match protocol http url *.jpg
>  match protocol http url *.gif
>
> class-map match-all ACME_TRAFFIC
>  match protocol http host www.acmecomputers.com
>  match protocol http url /directory*
>
> policy-map DROPIT
>  class IMAGES
>   drop
>
> policy-map POLICE
>  class ACME_TRAFFIC
>   service-policy input DROPIT
>   police 640000 conform transmit exceed drop
>
>
> interface fa0/0
>  service-policy input POLICE
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:47 ART
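
Added example, not part of the original thread: a simplified Python model of the class-maps quoted above, checking that the shortened DIE-SCUM matches the same requests as the expanded one and that the order of classes in the policy-map decides whether an image request is dropped or policed. The shell-style glob matching, the name DIE-SCUM-LONG, the "forward" label for class-default and the sample requests are assumptions made for this illustration.

```python
from fnmatch import fnmatchcase

# Class-maps from the thread as (mode, rules). Assumption: NBAR host/url
# patterns are modelled as shell-style globs, which only approximates IOS.
CLASS_MAPS = {
    "IMAGES": ("any", [("url", "*.jpg"), ("url", "*.gif"), ("url", "*.jpeg")]),
    "POLICE": ("all", [("host", "www.acmecomputers.com"),
                       ("url", "/directory/*"), ("acl", 100)]),
    # Victor's expanded form (named DIE-SCUM-LONG here only to compare).
    "DIE-SCUM-LONG": ("all", [("class", "IMAGES"),
                              ("host", "www.acmecomputers.com"),
                              ("url", "/directory/*"), ("acl", 100)]),
    # Ian's shortened form: reuse POLICE through a nested class-map.
    "DIE-SCUM": ("all", [("class", "IMAGES"), ("class", "POLICE")]),
}

def rule_matches(kind, arg, flow):
    if kind == "class":                  # match class-map <name>
        return class_matches(arg, flow)
    if kind == "acl":                    # access-list 100 permit ip any any
        return True
    return fnmatchcase(flow[kind], arg)  # match protocol http host|url

def class_matches(name, flow):
    mode, rules = CLASS_MAPS[name]
    hits = [rule_matches(kind, arg, flow) for kind, arg in rules]
    return all(hits) if mode == "all" else any(hits)

def classify(policy, flow):
    """Return the action of the first class that matches, in policy order."""
    for cls, action in policy:
        if cls == "class-default" or class_matches(cls, flow):
            return action
    return "forward"

POLICY = [("DIE-SCUM", "drop"), ("POLICE", "police 64000"),
          ("class-default", "forward")]
REORDERED = [POLICY[1], POLICY[0], POLICY[2]]   # POLICE listed first

# Constructed sample requests, not captured traffic.
FLOWS = [
    {"host": "www.acmecomputers.com", "url": "/directory/logo.jpg"},
    {"host": "www.acmecomputers.com", "url": "/directory/index.html"},
    {"host": "www.acmecomputers.com", "url": "/other/banner.gif"},
    {"host": "www.example.net", "url": "/directory/photo.jpeg"},
]

if __name__ == "__main__":
    for f in FLOWS:
        same = class_matches("DIE-SCUM", f) == class_matches("DIE-SCUM-LONG", f)
        print(f["host"] + f["url"], classify(POLICY, f), "equivalent:", same)
```

Because every DIE-SCUM match is also a POLICE match, listing POLICE first in the policy-map would police image requests instead of dropping them.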