Chapter 20
Using Modular Policy Framework
hostname(config)# service-policy new_global_policy global
Modular Policy Framework Examples
This section includes several Modular Policy Framework examples, and includes the following topics:
•
•
•
Applying Inspection to HTTP Traffic Globally
In this example (see
through any interface is classified for HTTP inspection.
Figure 20-1
Host A
See the following commands for this example:
hostname(config)# class-map http_traffic
hostname(config-cmap)# match port tcp eq 80
hostname(config)# policy-map http_traffic_policy
hostname(config-pmap)# class http_traffic
hostname(config-pmap-c)# inspect http
hostname(config)# service-policy http_traffic_policy global
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Applying Inspection to HTTP Traffic Globally, page 20-21
Applying Inspection and Connection Limits to HTTP Traffic to Specific Servers, page 20-22
Applying Inspection to HTTP Traffic with NAT, page 20-22
Figure
20-1), any HTTP connection (TCP traffic on port 80) that enters the FWSM
Global HTTP Inspection
port 80
insp.
A
inside
FWSM
port 80 insp.
outside
Modular Policy Framework Examples
Host B
20-21