Configuring a Layer 7 HTTP Deep Inspection Policy
To define MIME-type messages in addition to what is supported under the match
Note
header mime-type command, use the match header command. For example, to
define a match for a new MIME-type audio\myaudio, you could enter the
following match statement: match header Content-type header-value
audio/myaudio. See the
details.
The syntax of this command is as follows:
The keywords, arguments, and options are as follows:
•
•
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
3-54
"Defining an HTTP Header for Inspection"
[line_number] match header mime-type mime_type
line_number—(Optional) Argument that assists you in editing or deleting
individual match commands. Enter an integer from 2 to 1024 as the line
number. You can enter no line_number to delete long match commands
instead of entering the entire line. The line numbers do not dictate a priority
or sequence for the match statements.
mime_type—Predefined list of mime-types, such as image\Jpeg, text\html,
application/msword, and audio/mpeg. Choose whether only the mime-types
included in this list are permitted through the ACE or whether all mime-types
are acceptable. The default behavior is to allow all mime-types.
The supported mime-types are as follows:
application/msexcel
–
application/mspowerpoint
–
application/msword
–
application/octet-stream
–
application/pdf
–
application/postscript
–
application/x-gzip
–
–
application/x-java-archive
application/x-java-vm
–
application/x-messenger
–
application/zip
–
audio/*
–
Chapter 3
Configuring Application Protocol Inspection
section for
OL-16202-01