Today, while I was trying to keep my students awake during a CCNA1 presentation, I noticed that two of them were looking at 9Gag and they ignored me. Not that I was saying something so deep and meaningful but it was a little bit frustrating for me. So, as soon I finished my presentation, I opened a console to the local router (a Cisco 2821 ) and began to filter 9gag. Obviously you cannot do that with ACLs when you want to filter a website running on multiple addresses like 9gag. Even if you use hostname instead of an IP address, that hostname is resolved once using dns servers defined in your configuration and that’s it. So I used a policy and five minutes later those two were the frustrated ones. This is how I did it : ! class-map match-any URLFILTER match protocol http host *9gag.com ! policy-map DROPURL class URLFILTER drop ! ! interface FastEthernet 0/1 desc Internal service-policy input DROPURL ! And that was it. Next time, facebook, prepare your url, I wanna filter you. Or, using CBAC (Context-Based Access Control) : ! ip inspect name WEBFILTER http urlfilter ip urlfilter allow-mode on ip urlfilter exclusive-domain deny…
Adapt. Enjoy. Survive.
Ultimele comentarii:
Dop simplu, apoi venit cei de la Radet să constate. Atât.
Salut ! Închiderea țevilor la apa calda/caldura s a făcut cu dop sau surde? Este obligatoriu și sigiliu pe ele…
Garmin nu stie baiatu', nu umblu cu lucruri de-astea scumpe. :O La carduri - Virtual Cards - le-a luat direct…
Cum ziceam și mai sus, am avut de exemplu belele cu Garmin. Aplicația fiind legată la ceas/senzori de pe bicicleta…
Cei de la Pasărea Colibri aveau o melodie numită “Puterea obișnuinței” care se aplică perfect pe ideea că trebuie să…