A few days ago to do with MA5600 , has no, today found a 9303 try, finally!!
Observe-port 1 interface GigabitEthernet1/0/0
Add the observation port
ACL number 5000
Rule 1 permit 0x00000050 0x0000ffff 42
Add user defined ACL, matching the target TCP 80 port, TCP protocol at the start of the two layer packets of thirty-fourth bytes, 2 bytes source port, destination port 2 bytes, 6 bytes plus PPPoE protocol, PPP protocol byte offset from the beginning of 2, forty-second bytes
Traffic classifier web operator or precedence 5
If-match ACL 5000
#
Traffic behavior Web
Mirroring to observe-port 1
#
Traffic policy Web
Classifier web behavior Web
Standard three piece suit
Interface GigabitEthernet1/0/6
Port link-type access
Port default VLAN 106
Traffic-policy web inbound
Business application port ACL, found ACL involves two layer data only in the direction of application, unable to make the direction
The final catch all monitoring equipment is the MA5600T destination port for the TCP 80 package