White list websites internet

[StaplesMan]

I wish to use a cisco router to block all websites except for only a handful. This restriction must allow based on domain name not on IP address. Because of this I can't simply get the IP address of the website and apply it to an ACL. This is because there are to many unknown sub domains to the websites that I need that it won't work. Must match on domain name in the url string or host name of the request.

I have done some testing with class-maps and policy-maps and using police to block the traffic but so far no luck on blocking all sites except for some.

Can anyone give any recommendation.

or links to websites that may have what I'm looking for. I can't seem to find anything!

I have found many sites and articles how to black list sites but not white list them.

Thanks

CCNA, A+, HP Certified Professional

 

[burtsbees]

You can use simple acls to permit url's...

However, post a sh ver.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!

 

[StaplesMan]

Cisco IOS Software, 1841 Software (C1841-ADVSECURITYK9-M), Version 12.3(8)YG4, R
ELEASE SOFTWARE (fc1)
Synched to technology version 12.3(10.3)T2
Technical Support:

http://www.cisco.com/techsupport

Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Thu 04-May-06 00:15 by ealyon

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
ROM: Cisco IOS Software, 1841 Software (C1841-ADVSECURITYK9-M), Version 12.3(8)Y
G4, RELEASE SOFTWARE (fc1)

Fullop uptime is 10 weeks, 55 minutes
System returned to ROM by power-on
System restarted at 12:27:01 cdt Thu Sep 10 2009
System image file is "flash:c1841-advsecurityk9-mz.123-8.YG4.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 1841 (revision 7.0) with 117760K/13312K bytes of memory.
Processor board ID FTX1131Z13T
2 FastEthernet interfaces
2 Serial interfaces
2 Channelized T1/PRI ports
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
31360K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

CCNA, A+, HP Certified Professional

 

[StaplesMan]

Any update on this Burts?

CCNA, A+, HP Certified Professional