https://community.cisco.com/t5/network-security/url-filter-allowing-subfolder/m-p/1524522#M609662 <HTML><HEAD></HEAD><BODY><P>I made my config thanks to that document but there is no example about what im traying to do.</P><P>There is for subdomains in the last part of the document:</P><P></P><P>regex block-fb ".*facebook\.com" <BR />regex allow-fb "developer[s]*\.facebook\.com" </P><P></P><P></P><P>but there isnt for subfolder.</P><P></P><P>I was traying differents kinds like "*\.cnn\.com\AFRICA\"&nbsp;&nbsp;&nbsp; or&nbsp; "*\.cnn.com\AFRICA\"&nbsp;&nbsp;&nbsp; or "*\.cnn.com/AFRICA/" but nothing.</P></BODY></HTML> Wed, 06 Oct 2010 15:31:05 GMT andresitotubia 2010-10-06T15:31:05Z https://community.cisco.com/t5/network-security/url-filter-allowing-subfolder/m-p/1524520#M609660 <P>Hello,</P><P>I have on my Cisco asa 5510 the URL filtering running with regex. The problem that i have now is that i want to allow part of a domain.</P><P>For example i want to block cnn.com but i want to allow people to access cnn.com/AFRICA/</P><P>I was looking on the ASA URL filtering document but it has an example for sub domains, not for sub folders.</P><P></P><P>Bellow is my config</P><P></P><P></P><P></P><P>regex blockex8 "rojadirecta\.org"</P><P>regex blockex9 "megaupload\.org"</P><P>regex blockex1 "/facebook/"</P><P>regex blockex2 "facebook\.com"</P><P>regex blockex3 "taringa\.net"</P><P>regex blockex4 "twitter\.com"</P><P>regex blockex5 "rapidshare\.com"</P><P>regex blockex6 "ustream\.com"</P><P>regex blockex7 "youtube\.com"</P><DIV> </DIV><DIV> </DIV><DIV><DIV>access-list user-acl extended deny tcp host 172.16.16.133 any eq www </DIV><DIV>access-list user-acl extended deny tcp host 172.16.16.46 any eq www </DIV><DIV>access-list user-acl extended deny tcp host 172.16.16.0 any eq www </DIV><DIV>access-list user-acl extended deny tcp host 172.16.16.226 any eq www </DIV><DIV>access-list user-acl extended deny tcp host 172.16.16.87 any eq www </DIV><DIV>access-list user-acl extended permit tcp any any eq www </DIV></DIV><DIV> </DIV><DIV> </DIV><DIV><DIV>class-map block-user-class</DIV><DIV> match access-list user-acl</DIV><DIV>class-map inspection_default</DIV><DIV> match default-inspection-traffic</DIV><DIV>class-map type inspect http match-any block-url-class</DIV><DIV> match request uri regex blockex1</DIV><DIV> match request header host regex blockex2</DIV><DIV> match request header host regex blockex4</DIV><DIV> match request header host regex blockex5</DIV><DIV> match request header host regex blockex6</DIV><DIV> match request header host regex blockex7</DIV><DIV> match request header host regex blockex8</DIV><DIV> match request header host regex blockex9</DIV><DIV> match request header host regex blockex3</DIV></DIV><DIV> </DIV><DIV> </DIV><DIV><DIV>policy-map type inspect http http-inspect-pol</DIV><DIV> parameters</DIV><DIV>policy-map block-user-url-policy</DIV><DIV> class block-user-class</DIV><DIV>&nbsp; inspect http block-url-policy </DIV></DIV><DIV> </DIV><DIV>service-policy block-user-url-policy interface inside</DIV><P></P> Mon, 11 Mar 2019 18:51:01 GMT https://community.cisco.com/t5/network-security/url-filter-allowing-subfolder/m-p/1524520#M609660 andresitotubia 2019-03-11T18:51:01Z https://community.cisco.com/t5/network-security/url-filter-allowing-subfolder/m-p/1524521#M609661 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P><SPAN>Please look into </SPAN><A class="jive-link-wiki-small" href="https://community.cisco.com/docs/DOC-1268">https://supportforums.cisco.com/docs/DOC-1268</A></P><P>It has examples that will help you with what you want to do.</P><P></P><P>PK</P></BODY></HTML> Wed, 06 Oct 2010 15:21:49 GMT https://community.cisco.com/t5/network-security/url-filter-allowing-subfolder/m-p/1524521#M609661 Panos Kampanakis 2010-10-06T15:21:49Z https://community.cisco.com/t5/network-security/url-filter-allowing-subfolder/m-p/1524522#M609662 <HTML><HEAD></HEAD><BODY><P>I made my config thanks to that document but there is no example about what im traying to do.</P><P>There is for subdomains in the last part of the document:</P><P></P><P>regex block-fb ".*facebook\.com" <BR />regex allow-fb "developer[s]*\.facebook\.com" </P><P></P><P></P><P>but there isnt for subfolder.</P><P></P><P>I was traying differents kinds like "*\.cnn\.com\AFRICA\"&nbsp;&nbsp;&nbsp; or&nbsp; "*\.cnn.com\AFRICA\"&nbsp;&nbsp;&nbsp; or "*\.cnn.com/AFRICA/" but nothing.</P></BODY></HTML> Wed, 06 Oct 2010 15:31:05 GMT https://community.cisco.com/t5/network-security/url-filter-allowing-subfolder/m-p/1524522#M609662 andresitotubia 2010-10-06T15:31:05Z