Cisco 4700M Configuration Manual page 167

Application control engine appliance security

Chapter 3
Configuring Application Protocol Inspection
Defining the Length of the HTTP Content for Inspection
OL-16202-01
offset number—Provides an absolute offset where the content expression
search string starts. The offset starts at the first byte of the message body,
after the empty line (CR,LF,CR,LF) between the headers and the body of the
message. The offset value is from 1 to 4000 bytes.
For example, to create a class map that specifies a content expression contained
within the entity-body sent with an HTTP request, enter:
host1/Admin(config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS
host1/Admin(config-cmap-http-insp)# match content .*newp2psig
To clear the content expression checking match criteria from the class map, enter:
host1/Admin(config-cmap-http-insp)# no match content .*newp2psig
You can use the match content length command to configure the class map to
define application inspection decisions on HTTP traffic up to the configured
maximum content parse length. Messages that meet the specified criteria will be
either allowed or denied based on the Layer 7 HTTP deep packet inspection policy
map action.
You must access the class map configuration mode to specify the match content
length command.
The syntax of this command is as follows:
[line_number] match content length {eq bytes | gt bytes | lt bytes | range bytes1 bytes2}
The keywords, arguments, and options are as follows:
line_number—(Optional) Argument that assists you in editing or deleting
individual match commands. Enter an integer from 2 to 1024 as the line
number. You can enter no line_number to delete long match commands
instead of entering the entire line. The line numbers do not dictate a priority
or sequence for the match statements.
eq bytes—Specifies a value for the content parse length in an HTTP message
received by the ACE. Based on the policy map action, the ACE allows or
denies messages with a content length equal to the specified value. Valid
entries are from 1 to 65535 bytes.
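The offset and length criteria above can be modelled off-box to check an expression against a captured request before it goes into a class map. This is an added Python example, not Cisco code and not verified against a device; the request is constructed. It assumes a 1-based offset, an inclusive range, length measured as body bytes, and Python `re` standing in for the ACE expression syntax.

```python
import re

# Constructed sample request; the body contains the string from the class-map example.
SAMPLE = (b"POST /upload HTTP/1.1\r\nHost: www.example.com\r\n"
          b"Content-Type: text/plain\r\n\r\n"
          b"hello newp2psig payload")

def split_body(message: bytes) -> bytes:
    """Return the message body: the bytes after the empty line (CR,LF,CR,LF)."""
    _, sep, body = message.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no CR,LF,CR,LF separator between headers and body")
    return body

def match_content(message: bytes, expression: bytes, offset: int = 1) -> bool:
    """Model of 'match content' with the 'offset number' option.
    Assumption: offset 1 is the first body byte; bytes before it are not searched."""
    if not 1 <= offset <= 4000:
        raise ValueError("offset must be from 1 to 4000 bytes")
    window = split_body(message)[offset - 1:]
    return re.match(expression, window, re.DOTALL) is not None

def match_content_length(message: bytes, op: str, bytes1: int, bytes2: int = 0) -> bool:
    """Model of 'match content length {eq | gt | lt | range}'.
    Assumptions: length is the body size in bytes; range is inclusive."""
    if not 1 <= bytes1 <= 65535:
        raise ValueError("valid entries are from 1 to 65535 bytes")
    n = len(split_body(message))
    if op == "eq":
        return n == bytes1
    if op == "gt":
        return n > bytes1
    if op == "lt":
        return n < bytes1
    if op == "range":
        return bytes1 <= n <= bytes2
    raise ValueError(f"unknown keyword: {op}")

if __name__ == "__main__":
    # The string starts at body byte 7, so an offset of 8 skips past its first byte.
    for off in (1, 7, 8):
        print(off, match_content(SAMPLE, rb".*newp2psig", off))
    print(match_content_length(SAMPLE, "range", 20, 30))
```

Under these assumptions, an offset set past the start of the string causes the class map to miss it, so the offset should be chosen from where the content is expected in legitimate and unwanted traffic alike.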
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring a Layer 7 HTTP Deep Inspection Policy
3-43


This manual is also suitable for:

4700 series
