Re: Match Protocol

From: lalit gupta (lalit.tech@gmail.com)
Date: Mon Oct 08 2007 - 06:04:10 ART

Hi Subodh,

Whatever you said is RIGHT... i did little research on it and found the same
answer..

thanks.

On 10/8/07, subodh.rawat@wipro.com <subodh.rawat@wipro.com> wrote:
>
> You are right. You got the Binary operation correct. "match-all" option
> is optional.
>
> But as you asked .............."Dont you think it should be match-any
> instead of match all here.. bcoz
> it means any of the image matched... if we say match all , it means all
> should be there to drop it."..............my understanding is that for
> single line statement it can be either "match-all" or "match-any".
>
> HTH
> Subodh
>
>
> ------------------------------
> *From:* lalit gupta [mailto:lalit.tech@gmail.com]
> *Sent:* Monday, October 08, 2007 11:35 AM
> *To:* Subodh Singh Rawat (WT01 - TELECOM SERVICE PROVIDER)
> *Cc:* joe@affirmedsystems.com; Thomas.W.Johnson@chase.com;
> ccielab@groupstudy.com
> *Subject:* Re: Match Protocol
>
>
> Hi Subodh,
> i do agree, but it will match DNS and with either Jpg , jpeg or gif...
> Means in single line it will OR and and for both the lines it will AND.
>
> Please correct me if I am wrong or reply if you are agree.
>
> Rgrds
> lalit
>
> On 10/8/07, subodh.rawat@wipro.com <subodh.rawat@wipro.com > wrote:
> >
> > My understanding says that "match-all" or "match-any" applies per line.
> >
> > E.g
> > class-map match-all IMAGES
> > match protocol http url "*.jpg|*.jpeg|*.gif"
> > match protocol dns
> >
> > This will match for AND operation of 1st line and second line.
> >
> > Please correct me if I am wrong.
> >
> > HTH
> > Subodh
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > lalit gupta
> > Sent: Monday, October 08, 2007 10:52 AM
> > To: Joseph Brunner
> > Cc: Thomas.W.Johnson@chase.com; ccielab@groupstudy.com
> > Subject: Re: Match Protocol
> >
> > HI Joseph,
> >
> >
> >
> > i do agree with your configuration but i differ on one statement
> >
> > class-map match-all IMAGES
> > match protocol http url "*.jpg|*.jpeg|*.gif"
> >
> > Dont you think it should be match-any instead of match all here.. bcoz
> > it means any of the image matched... if we say match all , it means all
> > should be there to drop it.
> >
> > Correct me if i m wrong.,
> >
> >
> > rgrds
> > lalit
> >
> > On 10/6/07, Joseph Brunner <joe@affirmedsystems.com> wrote:
> > >
> > > Thomas,
> > >
> > > The great Mr. Cappuccio has answered this before... here is my version
> >
> >
> > > of his wonderful config. Forget CCO its not much help for this. Oh,
> > > and yeah I tested it in my office... it works!
> > >
> > >
> > > access-list 100 remark to VLAN_34
> > > access-list 100 permit tcp any eq www 10.1.34.0 0.0.0.25
> > >
> > > class-map match-all IMAGES
> > > match protocol http url "*.jpg|*.jpeg|*.gif"
> > >
> > > class-map match-all POLICE
> > > match access-group 100
> > > match protocol http host "www.affirmedsystems.com"
> > > match protocol http url "directory/*"
> > >
> > > class-map match-all DIE
> > > match access-group 100
> > > match protocol http host "www.affirmedsystems.com"
> > > match protocol http url "directory/*"
> > > match class-map IMAGES
> > >
> > > policy-map WEBPOLICY
> > > class DIE
> > > drop
> > > class POLICE
> > > police cir 512000
> > > class class-default
> > >
> > >
> > > int f0/0
> > > desc facing lan
> > > service-policy output WEBPOLICY
> > >
> > > -Joe
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> > > Of Thomas.W.Johnson@chase.com
> > > Sent: Friday, October 05, 2007 2:16 PM
> > > To: ccielab@groupstudy.com
> > > Subject: Match Protocol
> > >
> > > I'm ran across a question that wanted you to limit all return traffic
> > > from www.thiswebsite.com/thisdirectory destined for a specific VLAN to
> >
> >
> > > whatever, 512k, and drop any image files (jpg, bmp or gif) from this
> > > website.
> > > How do you match the image files? I assume it's with the match
> > > protocol http command, however, what parameters do you use? Do I need
> >
> >
> > > to use the match protocol http with the mime parameter or do I use
> > > match protocol http with url *.jpg | *.bmp | *.gif? I just don't
> > > understand how you match image files with the match protocol command.
> > >
> > >
> > >
> > > Thanks in advance.
> > >
> > >
> > >
> > > Thomas
> > > Johnson
> > >
> > > JP Morgan Chase
> > >
> > > Global Network Implementation
> > > -----------------------------------------
> > > This transmission may contain
> > > information that is privileged,
> > > confidential, legally privileged, and/or exempt from disclosure under
> > > applicable law. If you are not the intended recipient, you are hereby
> >
> >
> > > notified that any disclosure, copying, distribution, or use of the
> > > information contained herein (including any reliance
> > > thereon) is
> > > STRICTLY PROHIBITED. Although this transmission and any attachments
> > > are believed to be free of any virus or other defect that might affect
> >
> > > any computer system into which it is received and opened, it is the
> > > responsibility of the recipient to ensure that it is virus free and no
> >
> >
> > > responsibility is accepted by JPMorgan Chase & Co., its subsidiaries
> > > and affiliates, as applicable, for any loss or damage arising in any
> > > way from its use.
> > > If you
> > > received this transmission in error, please immediately contact the
> > > sender and destroy the material in its entirety, whether in electronic
> >
> > > or hard copy format. Thank you.
> > >
> > > ______________________________________________________________________
> > > _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > ______________________________________________________________________
> > > _ Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > The information contained in this electronic message and any attachments
> > to this message are intended for the exclusive use of the addressee(s) and
> > may contain proprietary, confidential or privileged information. If you are
> > not the intended recipient, you should not disseminate, distribute or copy
> > this e-mail. Please notify the sender immediately and destroy all copies of
> > this message and any attachments.
> >
> > WARNING: Computer viruses can be transmitted via email. The recipient
> > should check this email and any attachments for the presence of viruses. The
> > company accepts no liability for any damage caused by any virus transmitted
> > by this email.
> >
> > www.wipro.com
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
>
> The information contained in this electronic message and any attachments
> to this message are intended for the exclusive use of the addressee(s) and
> may contain proprietary, confidential or privileged information. If you are
> not the intended recipient, you should not disseminate, distribute or copy
> this e-mail. Please notify the sender immediately and destroy all copies of
> this message and any attachments. WARNING: Computer viruses can be
> transmitted via email. The recipient should check this email and any
> attachments for the presence of viruses. The company accepts no liability
> for any damage caused by any virus transmitted by this email.
> www.wipro.com

This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:12 ART