Hey Cristian, It looks OK to me - is it working?
I guess you loaded the necessary phdf files or the match protocol statements wouldn't work. The examples in 12.4T FPM config guide use hex for the protocol value: http://www.cisco.com/en/US/partner/docs/ios/sec_data_plane/configuration/guide/sec_flex_pack_match_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1054174 I prefer to use hex, but I think the decimal number usually works - I've seen people change it from decimal to hex sometimes when decimal doesn't work, but not sure that the criteria are for choosing one of the other. On Mon, Feb 14, 2011 at 4:49 AM, cristian venegas <[email protected]>wrote: > Folks, > > Im doing a mini-lab to see if i understood FPM correctly. Basically, i want > to drop all web traffic. Can anybody confirm if this is correct? For some > reason its not working. > > class-map type stack match-all cm_1 > match field IP protocol eq 6 next TCP > class-map type access-control match-all cm_2 > match field TCP dest-port eq 80 > ! > policy-map type access-control pm_2 > class cm_2 > log > drop > policy-map type access-control pm_1 > class cm_1 > service-policy pm_2 > ! > interface FastEthernet0/0.20 > ip address 10.20.20.2 255.255.255.0 > service-policy type access-control input pm_1 > > Thanks! > > Regards, > Cristian > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
