IP Stories

“A Written IP Related Activities”


Using Cisco NBAR for blocking PORN or XXX or Specific URL string

Posted by a. Rahman Isnaini r. Sutan on June 6, 2008

Tried it and want to block everything "related" to the "pictures below" from being accessed by your LAN (or to save the "soap" for the men who are still single)?

Steps to configure Cisco IP NBAR with regular expressions [old file]:

1. Configure a class map that matches any of the listed strings in the URL

class-map match-any ADULT-URL
 match protocol http url "*porn*"
 match protocol http url "*porn"
 match protocol http url "porn*"
 match protocol http url "*xxx*"
 match protocol http url "xxx*"
 match protocol http url "*xxx"

Whatever specific string in the URL you want blocked, put it in the list (three rows with the "*" in different places, so the string is matched at the start, at the end, or anywhere in the URL).

2. Configure a policy map to mark this ADULT traffic (DSCP x; 5 in the example below)

policy-map FILTER-ADULT
 class ADULT-URL
  set ip dscp 5

3. Create an access list that matches the marked (DSCP 5) traffic; the policy route-map will send whatever this list permits to Null0.

access-list 150 permit ip any any dscp 5
access-list 150 deny ip any any

4. Configure a route-map that sends the matched traffic to Null0

route-map DENY-ADULT permit 10
 match ip address 150
 set interface Null0

5. Apply the service policy (and the policy route-map) to the LAN interface where access to these adult sites is to be restricted

int f0/0.6
 desc LAN-ADULT-SITE-RESTRICTED
 ip policy route-map DENY-ADULT
 service-policy input FILTER-ADULT
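To see what the five steps above actually do to a request, here is a small Python simulation of the chain (NBAR class-map match, DSCP marking, ACL 150, route-map to Null0). It is an added example written for this page, not Cisco code and not the author's configuration; the sample URLs are constructed. It models two points a practitioner should check before relying on this filter: the url keyword in "match protocol http url" is documented as inspecting the request URI after the host name, so a keyword that appears only in the host name is not seen, and NBAR only sees cleartext HTTP, so an HTTPS request exposes no URL to the router at all. Case sensitivity and inclusion of the query string are assumptions made here; verify them on your IOS release.

```python
"""Simulate the NBAR -> DSCP -> ACL -> route-map chain from the post.

Constructed example: models the IOS behaviour the post describes, it is
not Cisco code.
"""
import re
from typing import Optional
from urllib.parse import urlsplit

# Patterns exactly as listed in class-map ADULT-URL (NBAR '*' wildcard).
ADULT_URL_PATTERNS = ["*porn*", "*porn", "porn*", "*xxx*", "xxx*", "*xxx"]

MARK_DSCP = 5             # "set ip dscp 5" in policy-map FILTER-ADULT
ACL_150_PERMIT_DSCP = 5   # "access-list 150 permit ip any any dscp 5"


def nbar_glob_to_regex(pattern: str) -> re.Pattern:
    """Translate an NBAR url string to a regex: '*' means 'any characters',
    everything else is literal, and the whole URI must match.
    Assumption: matching is case-sensitive (check your IOS release)."""
    parts = [re.escape(p) for p in pattern.split("*")]
    return re.compile("^" + ".*".join(parts) + "$")


def nbar_url_part(url: str) -> Optional[str]:
    """Return the part of the request NBAR's url keyword can inspect.

    'match protocol http url' looks at the request URI after the host
    name of a cleartext HTTP request. An HTTPS request is encrypted, so
    the router never sees a URL and the class-map cannot match it.
    Assumption: the query string is part of the inspected URI.
    """
    parts = urlsplit(url)
    if parts.scheme != "http":
        return None
    uri = parts.path or "/"
    if parts.query:
        uri += "?" + parts.query
    return uri


def classify_adult(url: str) -> bool:
    """class-map match-any ADULT-URL: true if any pattern matches."""
    uri = nbar_url_part(url)
    if uri is None:
        return False
    return any(nbar_glob_to_regex(p).match(uri) for p in ADULT_URL_PATTERNS)


def mark_dscp(url: str) -> int:
    """policy-map FILTER-ADULT: the matched class is set to DSCP 5,
    everything else keeps its marking (0 for untagged LAN traffic)."""
    return MARK_DSCP if classify_adult(url) else 0


def acl_150_permits(dscp: int) -> bool:
    """access-list 150: permit ip any any dscp 5, then deny ip any any."""
    return dscp == ACL_150_PERMIT_DSCP


def route_packet(url: str) -> str:
    """route-map DENY-ADULT permit 10: packets permitted by ACL 150 are
    sent to Null0 (dropped); everything else is routed normally."""
    return "Null0" if acl_150_permits(mark_dscp(url)) else "forward"


# Constructed sample requests from the LAN.
SAMPLE_REQUESTS = [
    "http://www.example.com/index.html",            # normal page: forwarded
    "http://www.example.com/videos/porn/clip.mp4",  # keyword in path: dropped
    "http://porn.example.com/index.html",           # keyword only in host: forwarded
    "https://www.example.com/porn/",                # HTTPS, URL invisible: forwarded
    "http://www.example.com/docs/release-xxx.html", # false positive: dropped
]

if __name__ == "__main__":
    for url in SAMPLE_REQUESTS:
        print(f"{route_packet(url):8} dscp={mark_dscp(url)}  {url}")
```

Run it as a script to print the verdict for each sample; the last two lines of the sample set show why a keyword list on the URI alone is both too narrow (host names, HTTPS) and too broad (any path that happens to contain "xxx").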

a. rahman isnaini r.sutan

Posted in Cisco, policy, security