I am trying to block specific extension and specific url so that users cant access/download.

I did the following configuration but only youtube is not working rest all downloading and url are working fine.

class-map match-any p2p

match protocol fasttrack file-transfer "*"

match protocol gnutella file-transfer "*"

match protocol bittorrent

class-map match-any youtube

match protocol http url "*youtube*"

match protocol http host "*youtube.com"

match protocol http url "*kh.google.com*"

match protocol http url "*pakiztan.tv*"

match protocol http url "*pakiztan*"

match access-group name webblock

match protocol http url "*.rar*"

match protocol http url "*.zip*"

match protocol http url "*.exe*"

match protocol http url "*www.pakisztan.tv*"

match protocol http url "*www.pakiztan.tv*"

match protocol http url "*.flv*"

match protocol http url "*.avi*"

match protocol http url "*.mpg*"

match protocol http url "*.mpeg*"

match protocol http url "*.mp33*"

match protocol http url ".exe*"

match protocol http url ".zip*"

match protocol http url ".flv*"

match protocol http url ".mpg*"

!

!

policy-map p2p

class p2p

drop

class youtube

drop

ip access-list extended webblock

deny udp any any eq 554

deny tcp any any eq 2979

deny udp any any eq 2979

deny tcp any any eq 1790

deny udp any any eq 1790

deny tcp any any eq 1755

deny udp any any eq 1755

deny tcp any any eq 1736

deny udp any any eq 1736

deny tcp any any eq 537

deny udp any any eq 537

deny tcp any any eq 554

interface GigabitEthernet0/1

ip nbar protocol-discovery

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

media-type rj45

negotiation auto

service-policy input p2p

Pleaes tell me how to block the users from downloading etc.