Re: URL Filtering on Cisco

From: Ruhann <groupstudy_at_ru.co.za>
Date: Thu, 11 Feb 2010 23:03:02 +0200

Oh, the match protocol http host *yahoo* will match any of the following:
yahoo.com
yahoo.net
mail.yahoo.org
googling.yahoo.net
groupstudy.ccie.yahoo.co.za

etc
etc
etc

On Thu, Feb 11, 2010 at 11:01 PM, Ruhann <groupstudy_at_ru.co.za> wrote:

> This has been asked many times before :)
>
> Generally, with multiple match commands you need match-any.
> Match-any means "as long as one of the statements matches, then execute the
> class-map".
> Match-all means EVERY match statement must be met.
>
> For what you want to do you need one line. Then match-any or match-all is
> irrelevant.
> To block any URL host containing the word yahoo:
> match protocol http host *yahoo* >>> the "" "" is auto-inserted by IOS
>
>
>
> Re your entries:
>
> Match: protocol http mime "*.yahoo.com" > no such MIME type.
> Won't match anything.
>
> Match: protocol http url "*.yahoo.com" > valid for blocking
> anything at yahoo.com, i.e. mail.yahoo, news.yahoo.com etc.
>
> Match: protocol http url "*.yahoo.com/*" > same as previous,
> the 2nd * has no effect since after /.
>
> Match: protocol http url "*yahoo.com*" > pointless, will
> match examples mail.yahoo.comhere and news.yahoo.commando
>
> Match: protocol http url "*" > will match
> all URL host names
>
> Match: protocol http host "*yahoo*" > valid, will
> match any URL host containing yahoo
>
>
> For extensive examples of how to use NBAR with a match command, see this
> article I did a while back:
> blog.ru.co.za/2009/02/15/using-nbar-to-match-web-traffic/
>
> HTH
>
> --
> <ruhann>
> blog.ru.co.za
>
>
> On Thu, Feb 11, 2010 at 8:21 PM, Mark Stephanus Chandra <
> mark.chandra_at_gmail.com> wrote:
>
>> Hi Guys,
>>
>> Have you ever tried filtering URLs on a Cisco router?
>>
>> Well, I just tried it and it doesn't work; I don't know what's wrong.
>>
>> This is my config for the class-map:
>>
>> Class-map: mark (match-all)
>> 0 packets, 0 bytes
>> 5 minute offered rate 0 bps, drop rate 0 bps
>> Match: protocol http mime "*.yahoo.com"
>> Match: protocol http url "*.yahoo.com"
>> Match: protocol http url "*.yahoo.com/*"
>> Match: protocol http url "*yahoo.com*"
>> Match: protocol http url "*"
>> Match: protocol http host "*yahoo*"
>> Drop
>>
>> As you can see, first, the only thing I want to do is just to filter
>> everything about yahoo.
>>
>> But it seems to have no effect in this scheme, so I just tried to block it
>> all by using match protocol http *
>>
>> But the result is, I can still browse to web sites, no effect at all.
>>
>> So the scenario is, I just have one router with two interfaces,
>> one going inside and the other going outside.
>>
>> These are the configs:
>>
>> interface Ethernet0/0
>> description Outside
>> ip address
>> ip nat outside
>> ip virtual-reassembly
>> half-duplex
>> service-policy input mark
>> !
>> interface FastEthernet0/0
>> description Inside
>> ip address 192.168.1.1 255.255.255.0
>> ip nat inside
>> ip virtual-reassembly
>> speed auto
>> service-policy input mark
>> service-policy output mark
>>
>> Any clue what's wrong?
>>
>> Regards
>>
>> Mark Stephanus Chandra - CCIE#23887
>> IT Consultant
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
> --
> <ruhann>
> blog.ru.co.za
>

-- 
<ruhann>
blog.ru.co.za
Received on Thu Feb 11 2010 - 23:03:02 ART
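As an added illustration of the match-all versus match-any point made in the thread (this is example code written for this archive page, not IOS code or anything from Ruhann's blog), the following Python models the "mark" class-map from the original post and evaluates it against one constructed HTTP request under both modes. It is a deliberate simplification: it assumes each Match line is a (field, pattern) pair, that "*" matches any run of characters case-insensitively, that "host" patterns are compared against the Host header and "url" patterns against the request path, and that the sample request values (mail.yahoo.com, /index.html, text/html) are constructed. Real NBAR semantics may differ in detail; the point demonstrated is the boolean logic.

```python
from fnmatch import fnmatchcase

# Constructed model of the class-map from the original post (not Cisco's
# implementation): each statement is a (field, pattern) pair.
MARK_STATEMENTS = [
    ("mime", "*.yahoo.com"),
    ("url", "*.yahoo.com"),
    ("url", "*.yahoo.com/*"),
    ("url", "*yahoo.com*"),
    ("url", "*"),
    ("host", "*yahoo*"),
]

# Constructed sample request; all values are hypothetical.
SAMPLE_REQUEST = {
    "host": "mail.yahoo.com",
    "url": "/index.html",
    "mime": "text/html",
}


def glob_match(pattern: str, value: str) -> bool:
    """'*' matches any run of characters.  Case-insensitive comparison is an
    assumption of this model, not a documented IOS behaviour."""
    return fnmatchcase(value.lower(), pattern.lower())


def matching_statements(statements, request):
    """Return the indices of the statements that match the request.
    A statement whose field is absent from the request never matches."""
    hits = []
    for i, (field, pattern) in enumerate(statements):
        value = request.get(field)
        if value is not None and glob_match(pattern, value):
            hits.append(i)
    return hits


def class_map_matches(mode, statements, request):
    """match-all: every statement must match; match-any: at least one must."""
    hits = matching_statements(statements, request)
    if mode == "match-all":
        return len(hits) == len(statements)
    if mode == "match-any":
        return len(hits) > 0
    raise ValueError(f"unknown mode {mode!r}")


if __name__ == "__main__":
    hits = matching_statements(MARK_STATEMENTS, SAMPLE_REQUEST)
    print("statements that hit:", [MARK_STATEMENTS[i] for i in hits])
    for mode in ("match-all", "match-any"):
        print(mode, "->", class_map_matches(mode, MARK_STATEMENTS, SAMPLE_REQUEST))
    # Wildcard behaviours discussed in the thread, checked against the glob
    for pattern, host in [("*yahoo*", "groupstudy.ccie.yahoo.co.za"),
                          ("*yahoo.com*", "mail.yahoo.commando"),
                          ("*.yahoo.com", "yahoo.com")]:
        print(f"{pattern!r} vs {host!r}: {glob_match(pattern, host)}")
```

Running it shows only the "url *" and "host *yahoo*" statements hitting; because the mime statement can never match, match-all evaluates to false for every request, which is consistent with the 0 packets counter in the original post, while match-any would classify the same request. The last loop also shows why "*yahoo.com*" over-matches hosts such as mail.yahoo.commando, and that "*.yahoo.com" with a leading dot does not match the bare host yahoo.com, something worth checking before trusting a filter in production.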

This archive was generated by hypermail 2.2.0 : Mon Mar 01 2010 - 06:28:35 ART