01-25-2002 03:09 PM - edited 03-01-2019 08:13 PM
Router(config-pmap)#police 1000000 31250 31250 conform-action drop exceed-action drop violate-action drop
In this example, what does the numbers "1000000 31250 31250" correlate with? Is it correlating with the string matching?
I got it from url: http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml#1
The url shows two string matching:
#match protocol http url "*cmd.exe*
#match protocol http url "*root.exe*"
I want to use:
class-map match-any http-hacks
match protocol http url "*default.ida*"
match protocol http url "*x.ida*"
match protocol http url "*.ida*"
match protocol http url "*cmd.exe*"
match protocol http url "*root.exe*"
match protocol http url "*readme.eml*"
02-01-2002 04:42 PM
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
Thank you for posting.
02-04-2002 02:27 PM
These numbers refer to "average rate", "normal burst size", and "excess burst size" respectively.
More information here:
and,
http://www.cisco.com/warp/public/105/carburstvalues.html
Hope that helped,
Mustafa Hussein
LAN/WAN Specialist
Comark, Inc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide