PDF(45.7 KB) View with Adobe Reader on a variety of devices
ePub(100.8 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(108.7 KB) View on Kindle device or Kindle app on multiple devices
Updated:October 26, 2016
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes the procedure to block URLs that contain special characters like "?" on SCE 8000 platforms. These URLs are generally not accepted by Service Control Engine (SCE) when configured with SCE CLI.
Cisco recommends that you have knowledge of these topics:
This document is based on SCE 8000 with SCOS version of 4.2 or later.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Some URLs contain special characters like "?" on SCE 8000 platforms.These URLs are generally not accepted by SCE when configured with SCE CLI. However, these URLs can be successfully blocked when you import a csv file and make suitable changes from SCABB.
Create a CSV file
Create a CSV file that contains URLs you want to block. A sample csv file will look like this:
This file should have an extension of .csv. Once you have this file ready, copy this file to a FTP server which is reachable from your SCE.
Import this file to SCE
Import this csv file from your FTP server to /apps/data/scos with the use of this command:
Once you have the csv file on your SCE, import it to the URL database with the use of this configuration:
SCE8000-1#>conf t SCE8000-1(config)#>int lin 0 SCE8000-1(config if)#>sce-url-database import cleartext-file filename.csv flavor-id <flavour-id>
Note: If you import the URLs from a new csv file, previous URL database will be flushed and URLs present only in the latest csv file will be blocked.Therefore, it is suggested that if you wish to update the url database with any new URL , save the previous csv file and add the new entry in the same file and push it to the SCE.This will ensure that all the URLs are blocked.
Use this section in order to confirm that your configuration works properly.
To verify if the file has been copied to SCE or not, run the dir command.
To verify if the URLs have been imported or not, run the command Show interface Linecard <x> sce-url-database all.
This section provides information you can use in order to troubleshoot your configuration.
Some of the most common issues that you might face at the time of this process are:
1. File fails to copy
Ensure that the FTP server is reachable from SCE when it pings the IP of the FTP server. If pings are successful but you still are not able to get the file, check for any blockings in network .
2. Blocking stops when you browse a different page on the same URL
Navigate to SCABB > Service Configuration Editor > Policies > System Settings > Advanced Options > Advanced Service Configuration Options as shown in the image.
Here you see an option that states, 'Number of HTTP GET detections'. Try to change this value to a higher one (say five). However, note that this might impact the performance and therefore it is important that you understand the possible impact before you increase it to a higher value.