Re: AW: nbar / http classification question

From: Han Solo (emaillists@me.com)
Date: Sat Jan 24 2009 - 13:52:30 ARST

• Next message: Han Solo: "Re: AW: nbar / http classification question"
• Previous message: Han Solo: "Re: AW: nbar / http classification question"
• Maybe in reply to: Roger RPF: "AW: nbar / http classification question"
• Next in thread: Han Solo: "Re: AW: nbar / http classification question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

lass Map match-all url (id 6)
    Match protocol http url "*.gif|*.jpg|*.jpeg"
    Match protocol http url "*/ccie*"
    Match protocol http host "http://www.cisco.com/"

INTERNET#
INTERNET#sh policy-map int g0/0
  GigabitEthernet0/0

   Service-policy input: url

     Class-map: url (match-all)
       0 packets, 0 bytes
       30 second offered rate 0 bps, drop rate 0 bps
       Match: protocol http url "*.gif|*.jpg|*.jpeg"
       Match: protocol http url "*/ccie*"
       Match: protocol http host "http://www.cisco.com/"
       drop

On Jan 24, 2009, at 7:49 AM, Han Solo wrote:

> I think it has to do with the "match-all" in the class map I am
> trying different things , bottom line with both of the examples
> posted so far there is no match. I have a 2851 as internet router at
> home to try and test them so I block my wife's stuff when I come
> home from work it really is good exercise to get these things
> down .. Curious why these one's aren't working ? If you want to
> jump on and test with me let me know i will start up a webex
>
>
> On Jan 24, 2009, at 7:35 AM, Roger RPF wrote:
>
>> Well, I did not try but I guess you would have to use:
>>
>> match protocol http url "*/ccie"
>>
>> or
>>
>> match protocol http url "go/ccie"
>>
>> if that is the exact url
>>
>> regards
>>
>> Roger
>>
>>
>> -----Urspr|ngliche Nachricht-----
>> Von: Han Solo [mailto:emaillists@me.com]
>> Gesendet: Samstag, 24. Januar 2009 16:30
>> An: Wouter Prins
>> Cc: Roger RPF; Cisco certification
>> Betreff: Re: nbar / http classification question
>>
>> That doesn't work I tried it
>>
>> INTERNET#sh policy-map interface g0/0
>> GigabitEthernet0/0
>>
>> Service-policy input: url
>>
>> Class-map: url (match-all)
>> 0 packets, 0 bytes -------> NO MATCHES WHEN GOING TO
>> WWW.CISCO.COM/GO/CCIE
>> 30 second offered rate 0 bps, drop rate 0 bps
>> Match: protocol http host "www.cisco.com"
>> Match: protocol http url "/ccie"
>> Match: protocol http url "*.gif|*.jpg|*.jpeg"
>> drop
>>
>>
>> class-map match-all url
>> match protocol http host "www.cisco.com"
>> match protocol http url "/ccie"
>> match protocol http url "*.gif|*.jpg|*.jpeg"
>>
>> policy-map url
>> class url
>> drop
>>
>>
>>
>>
>> On Jan 24, 2009, at 6:44 AM, Wouter Prins wrote:
>>
>>> I think:
>>>
>>> class-map match-all URL
>>> match protocol http host www.cisco.com
>>> match protocol http url "/ccie"
>>> match protocol http url "*.gif|*.jpg|*.jpeg"
>>>
>>> Would also work
>>> Wouter
>>>
>>> 2009/1/24 Roger RPF <rpf@bluemail.ch>
>>>
>>>> Hi group,
>>>>
>>>> Question regarding nbar and the class-maps. If the task tells to
>>>> block all
>>>> .jpeg and .gif from www.cisco.com/ccie how do you create the class
>>>> map? Do
>>>> we need to include the hostname part? If I look at the following
>>>> link on
>>>> the
>>>> doccd, they say no:
>>>>
>>>>
>>>>
>> http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/clsfy_traffic_nb
>>>>
>> ar_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1051880<http://www
>> .cisco.com/en/US/docs/ios/qos/configuration/guide/clsfy_traffic_nb
>> %0Aar_ps63
>> 50_TSD_Products_Configuration_Guide_Chapter.html#wp1051880
>>>>>
>>>>
>>>> But to me, this would mean that we would also block .jpeg and .gif
>>>> for the
>>>> site www.dontcheat.com/ccie or not?
>>>>
>>>> My solution:
>>>>
>>>> class-map match-all URL
>>>> match protocol http host www.cisco.com
>>>> match protocol http url "/ccie"
>>>> match class-map URLCHILD
>>>>
>>>> class-map match-any URLCHILD
>>>> match protocol http url "*.gif*"
>>>> match protocol http url "*.jpg*"
>>>> match protocol http url "*.jpeg*"
>>>>
>>>> What do you think?
>>>>
>>>> thanks
>>>>
>>>> Roger
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>> Han Solo
>> May the force be with you
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>
> Han Solo
> May the force be with you
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>

Han Solo
May the force be with you

Blogs and organic groups at http://www.ccie.net

• Next message: Han Solo: "Re: AW: nbar / http classification question"
• Previous message: Han Solo: "Re: AW: nbar / http classification question"
• Maybe in reply to: Roger RPF: "AW: nbar / http classification question"
• Next in thread: Han Solo: "Re: AW: nbar / http classification question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:39 ARST