Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1208
Views
17
Helpful
6
Replies

youtube blocking

Go to solution
wasiimcisco
Level 1
Level 1

‎08-04-2008 07:27 PM - edited ‎03-06-2019 12:36 AM

i m trying to block the youtube on my network. I have confiugred the following things on my internet router.

class-map match-any youtube

match protocol http url "*youtube*"

!

!

policy-map p2p

class youtube

drop

interface GigabitEthernet0/1

ip nbar protocol-discovery

service-policy input p2p.

But still users are able to open youtube.

I m gettin hitcount on policy but unable to drop the youtube traffic.

Class-map: youtube (match-any)

1736 packets, 1044139 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: protocol http url "*youtube*"

1736 packets, 1044139 bytes

5 minute rate 0 bps

drop

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni
In response to wasiimcisco

‎08-04-2008 08:32 PM

again look at this

When specifying a URL for classification, include only the portion of the URL that follows the www.hostname.domain in the match statement. For example, for the URL www.cisco.com/latest/whatsnew.html, include only /latest/whatsnew.html

so "cisco" as "youtube" in ur case

compair and try upon the rules and file

and should work

please, if helpful Rate

good luck

View solution in original post

0 Helpful

Go to solution
Pari Thiagasundaram
Level 3
Level 3
In response to wasiimcisco

‎08-04-2008 09:00 PM

Its been a while for me to have run into this. Let me take a stab at it.

Can you try the following instead of wildcard mask that you have used:

match protocol http host *youtube.com

! This would match anything in youtube.com like http://www.youtube.com or http://video.youtube.com

View solution in original post

6 Replies 6

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni

‎08-04-2008 07:46 PM

When specifying a URL for classification, include only the portion of the URL that follows the www.hostname.domain in the match statement. For example, for the URL www.cisco.com/latest/whatsnew.html, include only /latest/whatsnew.html

Within NBAR, the match protocol http c-header-field command is used to specify that NBAR identify request messages (the "c" in the c-header-field portion of the command is for client). The match protocol http s-header-field command is used to specify response messages (the "s" in the s-header-field portion of the command is for server).

Examples

In the following example, any request message that contains "somebody@cisco.com" in the User-Agent, Referer, or From fields will be classified by NBAR. Typically, a term with a format similar to "somebody@cisco.com" would be found in the From header field of the HTTP request message.

match protocol http c-header-field "somebody@cisco.com"

In the following example, any request message that contains "http://www.cisco.com/routers" in the User-Agent, Referer, or From fields will be classified by NBAR. Typically, a term with a format similar to "http://www.cisco.com/routers" would be found in the Referer header field of the HTTP request message.

match protocol http c-header-field "http://www.cisco.com/routers"

and the source is as follow

http://www.cisco.com/en/US/docs/ios/12_4t/qos/configuration/guide/qsnbar1.html#wp1055866

please, Rate if helpful

and good luck

Go to solution
wasiimcisco
Level 1
Level 1
In response to Marwan ALshawi

‎08-04-2008 08:27 PM

thanks for the excellent explaination, but my question is that, why i m not able to block the desired keyword.

Nbar is enable on interface. particular keywrod exist in the the url. but still it is not working. what i m missing.

0 Helpful

Go to solution
Marwan ALshawi
VIP Alumni
VIP Alumni
In response to wasiimcisco

‎08-04-2008 08:32 PM

again look at this

When specifying a URL for classification, include only the portion of the URL that follows the www.hostname.domain in the match statement. For example, for the URL www.cisco.com/latest/whatsnew.html, include only /latest/whatsnew.html

so "cisco" as "youtube" in ur case

compair and try upon the rules and file

and should work

please, if helpful Rate

good luck

0 Helpful

Go to solution
Pari Thiagasundaram
Level 3
Level 3
In response to wasiimcisco

‎08-04-2008 09:00 PM

Its been a while for me to have run into this. Let me take a stab at it.

Can you try the following instead of wildcard mask that you have used:

match protocol http host *youtube.com

! This would match anything in youtube.com like http://www.youtube.com or http://video.youtube.com

Go to solution
ror.sanjeev
Level 1
Level 1
In response to Marwan ALshawi

‎09-02-2008 06:57 AM

Hi..I have done same thing as:

class-map match-all test

match protocol http url "youtube"

!

!

policy-map test

class test

set ip dscp default

enable ip nbar protocol-discovery on Fa5/1/1

following are access-list applied on fa5/1/1

40 deny ip any any dscp default (105222matches)

50 permit ip any any log (868 matches)

But it blocks all the site not even youtube.I am unable to open any site like yahoo,google,rediff etc.

Please tell me..

0 Helpful

Go to solution
Pari Thiagasundaram
Level 3
Level 3

‎08-04-2008 09:28 PM

Also, the one that you have :

match protocol http url "*youtube*"

would also match www.my-web-site.com/youtube.html which you dont want to do.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card