
Allow only maps.google.com

grigansky
Level 1

Hello, I have a problem with a rule for ASA 5505. I need to block all traffic except maps.google.com:


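regex googleMAP "maps\.google\.com"

! Assumed: the regex class referenced below is not defined in the post;
! this definition ties it to the googleMAP regex above.
class-map type regex match-any DomainBlockList
 match regex googleMAP

! True for any request whose Host header matches no regex in DomainBlockList
class-map type inspect http match-all BlockDomainsClass
 match not request header host regex class DomainBlockList

policy-map type inspect http http_incspect_policy
 parameters
  protocol-violation action drop-connection
 match request method connect
  drop-connection log
 class BlockDomainsClass
  reset log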


This rule works, but not all maps open, and the maps load only partially.

How can I use all the IPs of maps.google.com:

74.125.87.103
74.125.87.105
74.125.87.99
74.125.87.104
74.125.87.106
74.125.87.147


in the rule?

Accepted Solutions

Magnus Mortensen
Cisco Employee

Dmitry,

More likely than not, Google Maps uses a lot of different domains than just maps.google.com for context and files to load the maps. I highly suggest you install the "Tamper Data" extension in Firefox, as it will list all the requests your browser makes. That way you can see what domains and sub-domains are involved in loading Google Maps. You can get Tamper Data here:

https://addons.mozilla.org/en-US/firefox/addon/966/

Once installed, load it from Firefox's Tools menu. Once it is open, browse and use Google Maps. You will see all the requests made and the URLs. That way you can adjust and tune your policy accordingly.

When I tested just now I saw:

maps.google.com

maps.gstatic.com

mt0.google.com

mt1.google.com

Go ahead and try it yourself and see what you find!

- Magnus
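
Added example, not part of the original thread and not Cisco's code: a Python script that replays the hosts listed above against the regex class to show which requests BlockDomainsClass would reset, then builds the `regex` and `class-map type regex` lines for a tuned list. The names `gstaticMAP` and `googleTILES`, the `mt[0-9]` generalization of mt0/mt1, and the use of Python's `re` in place of the ASA regex engine are assumptions.

```python
import re

# Hosts the answer above reports seeing while loading Google Maps.
OBSERVED_HOSTS = [
    "maps.google.com",
    "maps.gstatic.com",
    "mt0.google.com",
    "mt1.google.com",
]

# The single regex from the question (name -> pattern).
QUESTION_REGEXES = {"googleMAP": r"maps\.google\.com"}

# Tuned list. gstaticMAP and googleTILES are hypothetical names, and
# mt[0-9] is an assumed generalization of the mt0/mt1 hosts.
TUNED_REGEXES = {
    "googleMAP": r"maps\.google\.com",
    "gstaticMAP": r"maps\.gstatic\.com",
    "googleTILES": r"mt[0-9]\.google\.com",
}


def reset_hosts(hosts, regexes):
    """Return the hosts that BlockDomainsClass would reset.

    'match not request header host regex class X' is true when the Host
    header matches none of the regexes in class X. Python's re is used as
    a stand-in for the ASA engine (an assumption; fine for these patterns).
    """
    compiled = [re.compile(p) for p in regexes.values()]
    return [h for h in hosts if not any(c.search(h) for c in compiled)]


def asa_regex_class(class_name, regexes):
    """Build the ASA lines defining each regex and the match-any class."""
    lines = [f'regex {name} "{pattern}"' for name, pattern in regexes.items()]
    lines.append(f"class-map type regex match-any {class_name}")
    lines += [f" match regex {name}" for name in regexes]
    return "\n".join(lines)


if __name__ == "__main__":
    print("Reset with question's list:", reset_hosts(OBSERVED_HOSTS, QUESTION_REGEXES))
    print("Reset with tuned list:     ", reset_hosts(OBSERVED_HOSTS, TUNED_REGEXES))
    print(asa_regex_class("DomainBlockList", TUNED_REGEXES))
```

With only `googleMAP` in the class, three of the four observed hosts are reset, which matches the partially loaded maps described in the question.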


5 Replies

Thanks for the idea. Nevertheless, how can I use IPs for filtering HTTP?

Dmitry,

I would not use IP addresses for HTTP filtering, since IP addresses will, and do, change often. Basing it on the hostname (via regex) is much more resilient to changing IP addresses.

- Magnus

Thank you

Extension no longer valid.

 

This add-on is not compatible with your version of Firefox.

Tamper Data by Adam Judson

Restart Required
Not compatible with Firefox Quantum

Use tamperdata to view and modify HTTP/HTTPS headers and post parameters...
