Document ID: 12573
Updated: Oct 08, 2006
Introduction
This document shows how to configure the Cisco Cache and Content Engines in order to filter URLs with Cisco Cache and Content Software, Releases 2.3.0 through 5.x.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
For more information on document conventions, refer to the Cisco Technical Tips Conventions.
Block Access to Sites
This is an add-on for the configuration of the URL-filter feature on the Cache Engine. You can block access to sites with the command url-filter bad-sites-block (version 2.x - 4.x) or the command url-filter http bad-sites-deny (version 5.x), and then list these URLs in a badurl.lst file.
You can also enable access to good sites. The command url-filter good-sites-allow (version 2.x - 4.x) or the command url-filter http good-sites-allow (version 5.x) is configured the same way, but blocks all URLs except the ones listed in a goodurl.lst file. The two features cannot coexist.
- Create a badurl.lst that contains the list of sites you wish to block. You can also create an optional block.html that contains an HTML text message to send back to the client in order to inform the client that a URL has been blocked.
In this example (version 2.3), the badurl.lst and block.html files were created with an ASCII editor (Notepad or vi) and placed in the /local/etc directory. The files were transferred from a workstation with FTP binary transfer mode.
cache#cd /local/etc
cache#dir
size    date         time      name          LongName
-----   --------     --------  ----------    ---------
512     Mar-24-2000  13:07:48  .             .
512     Apr-09-2000  18:12:44  ..            ..
96020   Mar-24-2000  13:08:04  EVENTS.DAT    events.dat
512     Mar-24-2000  13:13:24  TRANSLOG      translog
5816    Mar-24-2000  13:13:24  FTPMIM~1.CON  ftp.mime.config
62      Apr-09-2000  18:10:36  BADURL.LST    badurl.lst
261     Apr-09-2000  17:34:38  BLOC~1.HTM    block.html
4 DIR(S), 4 FILE(S) 102159 bytes
1986723840 bytes AVAILABLE ON VOLUME /c0t0d0s1
- Issue the type command in order to verify that all the files have been transferred. List sites you wish to block in the badurl.lst file, with the full URL syntax (such as http://www.cisco.com/). The Cache Engine automatically skips all site subtrees.
cache#type badurl.lst
http://www.unwantedsite1.com/
http://www.unwantedsite2.com/
http://www.unwantedsite3.com/
- The custom message is optional.
cache#type block.html
URL Blocked
The site you are trying to view is blocked.
Please contact your system administrator if you need to unblock this site.
- Issue the url-filter bad-sites-block command in order to activate the feature in the Cache Engine.
(version 2.x)
cache(config)# url-filter bad-sites-block

(version 4.x)
cache(config)# url-filter bad-sites-deny /local1/badlist.lst
cache(config)# url-filter bad-sites-deny enable

(version 5.x)
cache(config)# url-filter http bad-sites-deny file /local1/etc/badurl.lst
cache(config)# url-filter http bad-sites-deny enable

cache(config)# exit
cache# wr mem
Building configuration....
.
[OK]
- The show url-filter command shows that the feature is functional.
version 2.x
cache# show url-filter
Block Bad sites from /local/etc/badurl.lst URL list
Display customized URL blocking message from /local/etc/block.html file.

version 4.x and 5.x
cache# sh url-filter
URL filtering is set to use bad-list
Local list configurations
==================================
Good-list file name :
Bad-list file name : /local1/badlist.lst
Custom message directory :
Websense server configuration
==================================
Websense server IP : <none>
Websense server port : 15868
Websense server timeout: 20 (in seconds)
Websense allow mode is ENABLED
N2H2 server configuration
==============================
N2H2 server IP : <none>
N2H2 server port : 4005
N2H2 server timeout : 5 (in seconds)
N2H2 allow mode is ENABLED
cache#
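A workstation-side check of the list file before the FTP upload, as an added example that is not part of the original Cisco document. It tests each entry against the full URL form shown above (http://host/) and writes the cleaned list with LF line endings. The function names, the sample list, the LF normalization and the decision to set aside entries that name a page rather than a site are assumptions of this example, not documented Cache Engine behavior.

```python
from urllib.parse import urlsplit

# Constructed sample: a list saved in Notepad (CRLF) with typical mistakes.
SAMPLE = (b"http://www.unwantedsite1.com/\r\n"
          b"www.unwantedsite2.com\r\n"
          b"HTTP://WWW.UnwantedSite3.com\r\n"
          b"http://www.unwantedsite1.com/\r\n"
          b"\r\n"
          b"http://www.unwantedsite2.com/games/index.html\r\n")

def lint_url_list(raw):
    """Return (entries, problems) for the raw bytes of a URL list file."""
    entries, problems, seen = [], [], set()
    if b"\r" in raw:  # binary-mode FTP copies CR bytes through unchanged
        problems.append("CR line endings found; output uses LF only")
    text = raw.decode("ascii", errors="replace")
    for num, line in enumerate(text.splitlines(), start=1):
        entry = line.strip()
        if not entry:
            continue
        try:
            parts = urlsplit(entry)
            host = parts.hostname
        except ValueError:  # e.g. malformed IPv6 literal
            parts = host = None
        if "\ufffd" in entry or host is None or parts.scheme != "http":
            problems.append(f"line {num}: not a full ASCII http:// URL: {entry}")
            continue
        # Assumption: entries name whole sites, as in the page's examples.
        if parts.path not in ("", "/") or parts.query or parts.fragment:
            problems.append(f"line {num}: names a page, not a site: {entry}")
            continue
        site = f"http://{parts.netloc.lower()}/"  # host names are case-insensitive
        if site in seen:
            problems.append(f"line {num}: duplicate entry dropped: {entry}")
            continue
        if site != entry:
            problems.append(f"line {num}: rewritten as {site}")
        seen.add(site)
        entries.append(site)
    return entries, problems

def render(entries):
    """Serialize the cleaned entries as ASCII, one URL per line, LF endings."""
    return ("\n".join(entries) + "\n").encode("ascii")

if __name__ == "__main__":
    cleaned, issues = lint_url_list(SAMPLE)
    print(render(cleaned).decode("ascii"), end="")
    for issue in issues:
        print("!", issue)
```

Review the reported problems before uploading, since an entry that is dropped here is a site that will not be blocked.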
