From: Jason Morris (mcnever@gmail.com)
Date: Mon Feb 16 2009 - 13:20:29 ARST
Wow, great explanation Ruhann.
I'll get right to memorizing that. But just in case has anyone found any
good source of information on mime types on the doccd?
Thanks
Jason
On Sun, Feb 15, 2009 at 3:24 AM, Ruhann <groupstudy@ru.co.za> wrote:
> Hi
>
> If you used google images to test matching the "http url", your policy won't
> block the images, as the google URL doesn't contain your matching string
> "*.jpeg"
> and in your second class-map the matches are incorrect.
>
> "http host" - matches the domain names ie:
> match protocol http host *youtube.com*|*video.google.com*
>
> "http url" - matches additional strings in the URL, words after the first /
> match protocol http url *.flv|*.mp4|*.m4v|*.m4a|*.3gp|*.mov
>
> "http mime-type" - used to match file types, (your matches are not in REGEX,
> as it matches a mime type/suffix) ie
> match protocol http mime image/jpeg
> ! This would match jpeg,jpg,jpe,jfif,pjpeg, and pjp types
> !
> match protocol http mime image/jpg
> ! This would not match anything as it is not a proper mime type.
> !
> match protocol http mime image*
> ! This would match all image mime types
> !
> match protocol http mime application/x-shockwave-flash
> ! This would not only match swf flash movies, but all of flash.
> !
> match protocol http mime video/flv|video/x-flv|video/mp4|video/x-m4v|audio/mp4a-latm
> ! This would block most movie formats
>
> So to block all JPG, JPEG images from, the following should work,
> class-map JPEGS
> match protocol http mime image/jpeg
> policy-map DROP
> class JPEGS
> drop
> int s1/0
> service-policy input DROP
>
> You can get your MIME type from here :
> http://www.sfsu.edu/training/mimetype.htm
>
> HTH
> <ruhann>
>
>
> On Fri, Feb 6, 2009 at 12:20 AM, robert nowosadzki <rnowosadzki@yahoo.com> wrote:
>
> > What is the correct config when it comes to mime matching? I have been
> > playing with this and the only results that I get are with the following
> > config:
> >
> > class-map match-any IMAGES
> > match protocol http url "*.jpg"
> > match protocol http url "*.jpeg"
> >
> > policy-map IMAGES_PM
> > class IMAGES
> > drop
> >
> > int fa0/0
> > service-policy input IMAGES_PM
> >
> > My setup is basically a laptop connected to a router (fa0/1) and the router
> > (fa0/0) is connected to the internet. For testing I go to google images and
> > try to browse .jpg or .jpeg images.
> >
> > I have also tried the config below, but that does not produce any hits on
> > the policy-map.
> >
> > class-map match-any IMAGES
> > match protocol http mime "*.jpg"
> > match protocol http mime "*.jpeg"
> >
> > Any help is greatly appreciated.
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> --
> <ruhann>
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:11 ARST
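
The difference between "http url" and "http mime" matching explained in the quoted reply, as an added example that is not from the thread or from Cisco: it applies the thread's patterns to a few constructed flows. The flows, the field names and the glob matcher (Python's `fnmatch`) are assumptions; this is a simplified model, not NBAR's actual matching engine.

```python
from fnmatch import fnmatchcase

# Constructed sample flows (not captured traffic): request Host and URL plus
# the Content-Type header of the response.
FLOWS = {
    "thumbnail":   {"host": "images.example.test", "url": "/images?q=tbn:abc123",
                    "content_type": "image/jpeg"},
    "direct_jpg":  {"host": "www.example.test", "url": "/photos/cat.jpg",
                    "content_type": "image/jpeg"},
    "png_logo":    {"host": "www.example.test", "url": "/img/logo.png",
                    "content_type": "image/png"},
    "html_viewer": {"host": "wiki.example.test", "url": "/wiki/File:cat.jpeg",
                    "content_type": "text/html; charset=utf-8"},
}

def glob_any(patterns, value):
    """Assumed model: '|' separates alternatives, '*' is a wildcard, the
    comparison is case-insensitive and must cover the whole field."""
    value = value.lower()
    return any(fnmatchcase(value, p.lower()) for p in patterns.split("|"))

def matched_flows(field, patterns):
    """Names of the sample flows whose `field` ('host', 'url' or 'mime') matches."""
    hits = []
    for name, flow in FLOWS.items():
        if field == "mime":
            # Compare only the type/subtype, not parameters such as charset.
            value = flow["content_type"].split(";")[0].strip()
        else:
            value = flow[field]
        if glob_any(patterns, value):
            hits.append(name)
    return hits

if __name__ == "__main__":
    for field, patterns in [("url", "*.jpg|*.jpeg"), ("mime", "image/jpeg"),
                            ("mime", "image/jpg"), ("mime", "image*")]:
        print(f"match protocol http {field} {patterns:<14} -> "
              f"{matched_flows(field, patterns)}")
```

In this model the URL patterns miss the thumbnail served from an extension-less URL and hit an HTML page whose path ends in `.jpeg`, while the `image/jpeg` MIME match selects exactly the two JPEG responses.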