[j-nsp] Checking URL thru filter/policy on M-series router interface

Stefan Fouant sfouant at gmail.com
Mon Oct 5 10:13:18 EDT 2009


On Mon, Oct 5, 2009 at 2:33 AM, Stefan Fouant <sfouant at gmail.com> wrote:

> On Mon, Oct 5, 2009 at 2:20 AM, S.Hasan Asghar Naqvi <
> hasan.asghar at gmail.com> wrote:
>
>> Hi
>>
>> I would like to know if there is a possibility on M-series router to check
>> from the traffic on an interface, any particular URL from the HTTP traffic
>> passing through this interface.
>>
>> Like in Cisco we can match URL as
>>
>> Router(config-cmap)#*match protocol http url "mydomain.com"*
>>
>
> M-Series firewall-filter match conditions can only inspect up to Layer 4,
> so there is no ability for it to do DPI on a packet at Layer 7.  For that
> type of application you might want to look into SSG or SRX platforms.
>

On second thought, you might be able to achieve some of this functionality
by using an IDP policy if your router is equipped with an MS-400
MultiServices PIC.

-- 
Stefan Fouant


More information about the juniper-nsp mailing list