From: Cyrus (cyrus.mgh@gmail.com)
Date: Sat Jan 24 2009 - 12:36:56 ARST
Roger,
sound good to me. u should match all on both host and url as u did, since
they treated separately in NBAR.
Cyrus
On Sun, Jan 25, 2009 at 12:34 AM, Roger RPF <rpf@bluemail.ch> wrote:
> Hi group,
>
> Question regarding nbar and the class-maps. If the task tells to block all
> .jpeg and .gif from www.cisco.com/ccie how do you create the class map? Do
> we need to include the hostname part? If I look at the following link on
> the
> doccd, they say no:
>
>
> http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/clsfy_traffic_nb
> ar_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1051880<http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/clsfy_traffic_nbar_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1051880>
>
> But to me, this would mean that we would also block .jpeg and .gif for the
> site www.dontcheat.com/ccie or not?
>
> My solution:
>
> class-map match-all URL
> match protocol http host www.cisco.com
> match protocol http url "/ccie"
> match class-map URLCHILD
>
> class-map match-any URLCHILD
> match protocol http url "*.gif*"
> match protocol http url "*.jpg*"
> match protocol http url "*.jpeg*"
>
> What do you think?
>
> thanks
>
> Roger
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- Sirus Moghadasian CCIE #21862 (R&S)Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:39 ARST