1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Software
  5. 4700M
  6. Configuration manual

Including Inline Match Statements In A Layer 7 Http Deep Packet Inspection Policy Map - Cisco 4700M Configuration Manual

Application control engine appliance security
Hide thumbs Also See for 4700M:
Table of Contents

Advertisement

Chapter 3
Configuring Application Protocol Inspection
Including Inline Match Statements in a Layer 7 HTTP Deep Packet Inspection
Policy Map
Note
OL-16202-01
You can include a single inline match criteria in the policy map without specifying
a traffic class by entering an applicable Layer 7 match command. The inline
Layer 7 policy map match commands function the same as with the Layer 7 class
map match commands. However, when you use an inline match command, you
can specify an action for only a single match statement in the Layer 7 policy map.
To specify actions for multiple match statements, use a class map as described in
the
"Associating a Layer 7 HTTP Inspection Traffic Class with the Traffic Policy"
section.
The syntax of this command is as follows:
match name match_statement [insert-before map_name]
The keywords, arguments, and options are as follows:
name—Name assigned to the inline match command. Enter an unquoted text
string with no spaces. The length of the inline match statement name plus the
length of the policy map name with which it is associated cannot exceed a
total maximum of 64 alphanumeric characters. For example, if the policy map
name is L7_POLICY (nine characters), an inline match statement name under
this policy cannot exceed 55 alphanumeric characters (64
match_statement—Inline match criteria to be used by the policy map. See
below for details on the individual match commands associated with the
Layer 7 HTTP deep inspection class map.
insert-before map_name—(Optional) Places the inline match command
ahead of an existing class map in the policy map configuration.
The syntax for the HTTP deep packet inspection policy map inline match
commands is as follows:
match name content expression [offset number]
match name content length {eq bytes | gt bytes | lt bytes | range bytes1
bytes 2}
match name content-type-verification
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring a Layer 7 HTTP Deep Inspection Policy
-
9 = 55).
3-65

Advertisement

Table of Contents
loading

Related Manuals for Cisco 4700M

Related Content for Cisco 4700M

This manual is also suitable for:

4700 series

Table of Contents