Configuring a Layer 7 SIP Inspection Policy
Including Inline Match Statements in a Layer 7 SIP Inspection Policy Map
Note
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
3-88
To remove the description from the policy map, enter:
host1/Admin(config-pmap-ins-sip)# no description
You can include a single inline match criteria in the policy map without specifying
a traffic class by using an applicable Layer 7 match command. The inline Layer 7
policy map match commands function the same as the Layer 7 class map match
commands. However, when you use an inline match command, you can specify
an action for only a single match statement in the Layer 7 policy map.
To specify actions for multiple match statements, use a class map as described in
the
"Configuring a Layer 7 SIP Inspection Class Map"
The syntax for an inline match command is as follows:
match name match_statement [insert-before map_name]
The keywords, arguments, and options are as follows:
name—Name assigned to the inline match command. Enter an unquoted text
•
string with no spaces. The length of the inline match statement name plus the
length of the policy map name with which it is associated cannot exceed a
total maximum of 64 alphanumeric characters. For example, if the policy map
name is L7_POLICY (nine characters), an inline match statement name under
this policy cannot exceed 55 alphanumeric characters (64
match_statement—Inline match criteria to be used by the policy map. See the
•
details on the match commands associated with the Layer 7 SIP inspection
class map.
insert-before map_name—(Optional) Places the inline match command
•
ahead of an existing class map in the policy map configuration.
The syntax for the Layer 7 SIP inspection policy map inline match commands is
as follows:
match name called-party expression
match name calling-party expression
match name content {length gt number} | {type sdp | expression}
Chapter 3
Configuring Application Protocol Inspection
section.
-
9 = 55).
OL-16202-01