This document shows how to configure the Cisco Cache and Content Engines in order to filter URLs with Cisco Cache and Content Software, Releases 2.3.0 through 5.x.
There are no specific requirements for this document.
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
For more information on document conventions, refer to the Cisco Technical Tips Conventions.
This is an add-on for the configuration of the URL-filter feature on the Cache Engine. You can block access to sites with the command url-filter bad-sites-block (version 2.x - 4.x) or the command url-filter http bad-sites-deny (version 5.x), and then list these URLs in a badurl.lst file.
You can also enable access to good sites. The command url-filter good-sites-allow (version 2.x - 4.x) or the command url-filter http good-sites-allow (version 5.x) is configured the same way, but blocks all URLs except the ones listed in a goodurl.lst file. The two features cannot coexist.
Create a badurl.lst that contains the list of sites you wish to block. You can also create an optional block.html that contains an HTML text message to send back to the client in order to inform the client that a URL has been blocked.
In this example (version 2.3), a badurl.lst and block.html files were created with an ASCII editor (Notepad or vi) and placed in the /local/etc directory. The files were transferred from a workstation with FTP binary transfer mode.
size date time name LongName
----- -------- -------- ---------- ---------
512 Mar-24-2000 13:07:48 . .
512 Apr-09-2000 18:12:44 .. ..
96020 Mar-24-2000 13:08:04 EVENTS.DAT events.dat
512 Mar-24-2000 13:13:24 TRANSLOG translog
5816 Mar-24-2000 13:13:24 FTPMIM~1.CON ftp.mime.config
62 Apr-09-2000 18:10:36 BADURL.LST badurl.lst
261 Apr-09-2000 17:34:38 BLOC~1.HTM block.html
4 DIR(S), 4 FILE(S) 102159 bytes
1986723840 bytes AVAILABLE ON VOLUME /c0t0d0s1
Issue the type command in order to verify that all the files have been transferred. List sites you wish to block in the badurl.lst file, with the full URL syntax (such as http://www.cisco.com/). The Cache Engine automatically skips all site subtrees.
The custom message is optional.
The site you are trying to view is blocked.
Please contact your system administrator if
you need to unblock this site.
Issue the url-filter bad-sites-block command in order to activate the feature in the Cache Engine.
(version 2.x) cache(config)# url-filter bad-sites-block (version 2.x)
(version 4.x) cache(config)# url-filter bad-sites-deny /local1/badlist.lst (version 4.x)
(version 4.x) cache(config)# url-filter bad-sites-deny enable (version 4.x)
(version 5.x) cache(config)# url-filter http bad-sites-deny file /local1/etc/badurl.lst (version 5.x)
(version 5.x) cache(config)# url-filter http bad-sites-deny enable (version 5.x)
cache# wr mem
Building configuration.... . [OK]
The show url-filter command shows that the feature is functional.
version 2.x cache# show url-filter
Block Bad sites from /local/etc/badurl.lst URL list
Display customized URL blocking message from /local/etc/block.html file.
version 4.x and 5.x
cache# sh url-filter
URL filtering is set to use bad-list
Local list configurations
Good-list file name :
Bad-list file name : /local1/badlist.lst
Custom message directory :
Websense server configuration
Websense server IP : <none>
Websense server port : 15868
Websense server timeout: 20 (in seconds)
Websense allow mode is ENABLED
N2H2 server configuration
N2H2 server IP : <none>
N2H2 server port : 4005
N2H2 server timeout : 5 (in seconds)
N2H2 allow mode is ENABLED