From: omar parihuana (omar.parihuana@gmail.com)
Date: Sun Jul 13 2008 - 16:25:40 ART
Hi List,
I'm using Dynamips for replicate the labs of Internetwork Expert Vol I v4.1.
I have an issue with Security part, specifically: Using NBAR to Filter
Traffic, the labs is very simple, but is not working with my
Dynagen/Dynamips. my questions is NBAR working well with Dynamips??? The
configuration part is:
class-map match-any IMAGES
match protocol http url "*.gif"
match protocol http url "*.jpeg|*.jpg"
!
!
policy-map DROP_IMAGES
class IMAGES
drop
!
int s0/1
service-policy input DROP_IMAGES
int s0/0.201
service-policy input DROP_IMAGES
!
But in accordance to tests, the files con extensions .gif, .jpg or jpeg
never are blocked. I don't see nothing wrong, so what is the error??
R4#sh policy-map interface s0/1
drop
Serial0/1
Service-policy input: DROP_IMAGES
Class-map: IMAGES (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: protocol http url "*.gif"
0 packets, 0 bytes
5 minute rate 0 bps
Match: protocol http url "*.jpeg|*.jpg"
0 packets, 0 bytes
5 minute rate 0 bps
Class-map: class-default (match-any)
15 packets, 1260 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
R4#sh policy-map interface s0/0.201
drop
Serial0/0.201
Service-policy input: DROP_IMAGES
Class-map: IMAGES (match-any)
0 packets, 0 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: protocol http url "*.gif"
0 packets, 0 bytes
5 minute rate 0 bps
Match: protocol http url "*.jpeg|*.jpg"
0 packets, 0 bytes
5 minute rate 0 bps
Class-map: class-default (match-any)
25 packets, 3674 bytes
5 minute offered rate 0 bps, drop rate 0 bps
Match: any
R4#
Rgds.
-- Omar E.P.T ----------------- Certified Networking Professionals make better Connections!
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:54 ART