08-04-2010 05:06 AM - edited 03-11-2019 11:20 AM
Hello, I have a problem with a rule for the ASA 5505. I need to block all traffic except maps.google.com:
regex googleMAP "maps\.google\.com"
class-map type inspect http match-all BlockDomainsClass
 match not request header host regex class DomainBlockList
policy-map type inspect http http_incspect_policy
 parameters
  protocol-violation action drop-connection
 match request method connect
  drop-connection log
 class BlockDomainsClass
  reset log
This rule works, but not all maps open, and the maps load only partially.
How can I use all the IPs of maps.google.com:
74.125.87.103
74.125.87.105
74.125.87.99
74.125.87.104
74.125.87.106
74.125.87.147
in the rule?
08-04-2010 05:17 AM
Dmitry,
More likely than not, Google Maps uses a lot of different domains than just maps.google.com for context and files to load the maps. I highly suggest you install the "Tamper Data" extension in Firefox, as it will list all the requests your browser makes. That way you can see what domains and sub-domains are involved in loading Google Maps. You can get Tamper Data here:
https://addons.mozilla.org/en-US/firefox/addon/966/
Once installed, load it from Firefox's Tools menu. Once it is open, browse and use Google Maps. You will see all the requests made and the URLs. That way you can adjust and tune your policy accordingly.
When I tested just now I saw:
maps.google.com
maps.gstatic.com
mt0.google.com
mt1.google.com
Go ahead and try it yourself and see what you find!
- Magnus
08-04-2010 05:43 AM
Thanks for the idea. Nevertheless, how can I use IP for filtering HTTP?
08-04-2010 06:59 AM
Dmitry,
I would not use IP addresses for HTTP filtering, since IP addresses will, and do, change often. Basing it on the hostname (via regex) is much more resilient to changing IP addresses.
- Magnus
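Added example, not posted by anyone in this thread: the hostname-based allow-list described in the replies above, written out as an ASA configuration that covers the four hostnames listed in the first reply. The regex names gmaps_* are made up for this example, and the DomainBlockList regex class is defined here on the assumption that it was simply omitted from the posted configuration.

```cisco
! Added example, not part of the original thread.
! Hostnames are the four listed in the first reply; the regex names
! gmaps_* are hypothetical. ASA regex patterns match anywhere in the
! Host value, so each pattern should be as specific as possible.
regex gmaps_maps "maps\.google\.com"
regex gmaps_static "maps\.gstatic\.com"
! Covers mt0 and mt1 only; extend the bracket if a capture shows more.
regex gmaps_tiles "mt[01]\.google\.com"
!
! Regex class referenced by the inspect class-map below (assumed to
! have been left out of the configuration in the question).
class-map type regex match-any DomainBlockList
 match regex gmaps_maps
 match regex gmaps_static
 match regex gmaps_tiles
!
! Matches any HTTP request whose Host header is NOT in the list above.
class-map type inspect http match-all BlockDomainsClass
 match not request header host regex class DomainBlockList
!
! Same policy-map as in the question, unchanged.
policy-map type inspect http http_incspect_policy
 parameters
  protocol-violation action drop-connection
 match request method connect
  drop-connection log
 class BlockDomainsClass
  reset log
```

HTTP inspection only sees the Host header of cleartext HTTP, so this class does not match inside HTTPS sessions. The hostname list is what was observed in the first reply and should be re-captured before the policy is deployed.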
08-04-2010 07:40 AM
Thank you
02-14-2018 09:13 AM
Extension no longer valid.
This add-on is not compatible with your version of Firefox.
Use tamperdata to view and modify HTTP/HTTPS headers and post parameters...