Re: NBAR and Dynamips

From: Azher (azheramin@gmail.com)
Date: Sun Jul 13 2008 - 20:47:44 ART

• Next message: Igor Manassypov: "RE: Intra-VLAN connectivity - IEWB lab 4 (dynamips workbook)"
• Previous message: Matt Sherman: "RE: Spanning Tree in Dynamips"
• Maybe in reply to: omar parihuana: "NBAR and Dynamips"
• Next in thread: Hobbs: "Re: NBAR and Dynamips"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Here is my config for dynamips (on linux) and nbar works:

R1 (client 3640) <----- R3 (http server 7206)

R1#copy http://3.3.3.3/test.gif null:
%Error opening http://3.3.3.3/test.gif (I/O error)
R1#

R3#sh policy-map int
 Serial1/0

  Service-policy output: DROP_IMAGES

    Class-map: IMAGES (match-all)
      53 packets, 9600 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: protocol http url "*.gif"
      drop

    Class-map: class-default (match-any)
      108 packets, 10007 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
R3#

class-map match-all IMAGES
 match protocol http url "*.gif"
!
policy-map DROP_IMAGES
 class IMAGES
   drop
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
 ip address 150.1.13.2 255.255.255.0
 serial restart-delay 0
 service-policy output DROP_IMAGES

!!!!!!!!!!! works with both service in / out

username R1 privilege 15 password 0 cisco
!
ip http server
ip http authentication local
no ip http secure-server
ip http path disk0:
!

R3#dir
Directory of disk0:/

    1 -rw- 1338 Jul 13 2008 15:30:36 +00:00 test.gif
    2 -rw- 1338 Jul 13 2008 15:30:46 +00:00 test.jpg
    3 -rw- 1338 Jul 13 2008 15:30:50 +00:00 test.jpeg

66830336 bytes total (66818048 bytes free)
R3#

--- on R1 -----
ip http client username R1
ip http client password 7 05080F1C2243

On Sun, Jul 13, 2008 at 1:21 PM, Ramy Sisy <ramysisy@inspiredmaster.com>
wrote:

> Hi Omar,
> How could you test it?
> Are you requesting any image files with the right path direction to trigger
> the filter?
>
>
> BEST REGARDS,
>
> RAMY SISY, CCIE X 2 (SECURITY, ROUTING/SWITCHING)#17321, CCSI#30417
> CCIE PROGRAM MANAGER
>
> INSPIRED MASTER
> INSPIRING CREATIVE THINKING ....
>
> WWW.INSPIREDMASTER.COM
> E. RAMYSISY@INSPIREDMASTER.COM
>
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> omar
> parihuana
> Sent: Sunday, July 13, 2008 12:26 PM
> To: Cisco certification
> Subject: NBAR and Dynamips
>
> Hi List,
>
> I'm using Dynamips for replicate the labs of Internetwork Expert Vol I
> v4.1.
> I have an issue with Security part, specifically: Using NBAR to Filter
> Traffic, the labs is very simple, but is not working with my
> Dynagen/Dynamips. my questions is NBAR working well with Dynamips??? The
> configuration part is:
>
> class-map match-any IMAGES
> match protocol http url "*.gif"
> match protocol http url "*.jpeg|*.jpg"
> !
> !
> policy-map DROP_IMAGES
> class IMAGES
> drop
> !
>
> int s0/1
> service-policy input DROP_IMAGES
> int s0/0.201
> service-policy input DROP_IMAGES
> !
>
> But in accordance to tests, the files con extensions .gif, .jpg or jpeg
> never are blocked. I don't see nothing wrong, so what is the error??
>
> R4#sh policy-map interface s0/1
> drop
> Serial0/1
>
> Service-policy input: DROP_IMAGES
>
> Class-map: IMAGES (match-any)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol http url "*.gif"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.jpeg|*.jpg"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
>
> Class-map: class-default (match-any)
> 15 packets, 1260 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: any
> R4#sh policy-map interface s0/0.201
>
> drop
> Serial0/0.201
>
> Service-policy input: DROP_IMAGES
>
> Class-map: IMAGES (match-any)
> 0 packets, 0 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: protocol http url "*.gif"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
> Match: protocol http url "*.jpeg|*.jpg"
> 0 packets, 0 bytes
> 5 minute rate 0 bps
>
> Class-map: class-default (match-any)
> 25 packets, 3674 bytes
> 5 minute offered rate 0 bps, drop rate 0 bps
> Match: any
> R4#
>
> Rgds.
>
>
> --
> Omar E.P.T
> -----------------
> Certified Networking Professionals make better Connections!
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Igor Manassypov: "RE: Intra-VLAN connectivity - IEWB lab 4 (dynamips workbook)"
• Previous message: Matt Sherman: "RE: Spanning Tree in Dynamips"
• Maybe in reply to: omar parihuana: "NBAR and Dynamips"
• Next in thread: Hobbs: "Re: NBAR and Dynamips"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:54 ART