RE: URL Filtering on Cisco

From: Tyson Scott <tscott_at_ipexpert.com>
Date: Thu, 11 Feb 2010 13:36:26 -0500

Mark,

Use URL Filtering instead of MQC if you want to block URLs. ZFW supports
local filtering so that would be a good place to start.

Regards,
 
Tyson Scott - CCIE #13513 R&S, Security, and SP
Technical Instructor - IPexpert, Inc.
Mailto: tscott_at_ipexpert.com
Telephone: +1.810.326.1444, ext. 208
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Mark
Stephanus Chandra
Sent: Thursday, February 11, 2010 1:22 PM
To: 'Cisco certification'
Subject: URL Filtering on Cisco

Hi Guys,

Have you ever tried filtering URLs on a Cisco router?

Well, I just tried it and it doesn't work; I don't know what's wrong.

This is my config for the class-map:

Class-map: mark (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: protocol http mime "*.yahoo.com"
      Match: protocol http url "*.yahoo.com"
      Match: protocol http url "*.yahoo.com/*"
      Match: protocol http url "*yahoo.com*"
      Match: protocol http url "*"
      Match: protocol http host "*yahoo*"
      Drop

As you can see, at first the only thing I wanted to do was filter
everything about Yahoo.

But it seems to have no effect in this scheme, so I just tried to block it all
by using match protocol http *

But the result is that I can still browse to web sites; no effect at all.

So the scenario is, I just have one router with two interfaces:
one going to the inside and the other going to the outside.

These are the configs:

interface Ethernet0/0
 description Outside
 ip address
 ip nat outside
 ip virtual-reassembly
 half-duplex
 service-policy input mark
!
interface FastEthernet0/0
 description Inside
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 speed auto
 service-policy input mark
 service-policy output mark

Any clue what's wrong?

Regards

Mark Stephanus Chandra - CCIE#23887
IT Consultant

Received on Thu Feb 11 2010 - 13:36:26 ART
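
The reply above suggests ZFW local URL filtering in place of the MQC class-map. The sketch below is an added example, not configuration from either poster. It assumes the older ZFW `parameter-map type urlfilter` syntax. The names URLF-LOCAL, HTTP-TRAFFIC, OTHER-TRAFFIC, IN-TO-OUT, IN-OUT, INSIDE and OUTSIDE are made up for illustration; the interface names are the ones in the question.

```cisco
! Added example: local deny list enforced by the zone-based firewall.
! All object names here are illustrative assumptions.
parameter-map type urlfilter URLF-LOCAL
 ! No external filter server is used, so let requests that are not on
 ! the local list through instead of blocking all HTTP.
 allow-mode on
 ! Partial domain (leading dot) covers hosts under yahoo.com.
 exclusive-domain deny .yahoo.com
!
class-map type inspect match-any HTTP-TRAFFIC
 match protocol http
!
class-map type inspect match-any OTHER-TRAFFIC
 match protocol dns
 match protocol tcp
 match protocol udp
 match protocol icmp
!
policy-map type inspect IN-TO-OUT
 ! HTTP is inspected first so the URL filter sees every request.
 class type inspect HTTP-TRAFFIC
  inspect
  urlfilter URLF-LOCAL
 class type inspect OTHER-TRAFFIC
  inspect
 class class-default
  drop
!
zone security INSIDE
zone security OUTSIDE
!
zone-pair security IN-OUT source INSIDE destination OUTSIDE
 service-policy type inspect IN-TO-OUT
!
interface FastEthernet0/0
 zone-member security INSIDE
!
interface Ethernet0/0
 zone-member security OUTSIDE
```

Later IOS releases express the same local list with `parameter-map type urlf-glob` and `class-map type urlfilter`, so check the syntax against the release in use. The filter acts on inspected HTTP requests only; HTTPS sessions are not matched by it.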
