Create A Regular Expression Class Map - Cisco ASA Series Configuration Manual
Firewall cli, asa services module, and the adaptive security virtual appliance
Hide thumbs
Also See for ASA Series:
- Cli configuration manual (2164 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Chapter 12
Getting Started with Application Layer Protocol Inspection
hostname(config)# test regex input_text regular_expression
Where the input_text argument is a string you want to match using the regular expression, up to 201
characters in length.
The regular_expression argument can be up to 100 characters in length.
Use Ctrl+V to escape all of the special characters in the CLI. For example, to enter a tab in the input
text in the test regex command, you must enter test regex "test[Ctrl+V Tab]" "test\t".
If the regular expression matches the input text, you see the following message:
INFO: Regular expression match succeeded.
If the regular expression does not match the input text, you see the following message:
INFO: Regular expression match failed.
To add a regular expression after you tested it, enter the following command:
Step 2
hostname(config)# regex name regular_expression
Where the name argument can be up to 40 characters in length.
The regular_expression argument can be up to 100 characters in length.
Examples
The following example creates two regular expressions for use in an inspection policy map:
hostname(config)# regex url_example example\.com
hostname(config)# regex url_example2 example2\.com
Create a Regular Expression Class Map
A regular expression class map identifies one or more regular expression. It is simply a collection of
regular expression objects. You can use a regular expression class map in many cases in replace of a
regular expression object.
Procedure
Create the regular expression class map.
Step 1
hostname(config)# class-map type regex match-any class_map_name
hostname(config-cmap)#
Where class_map_name is a string up to 40 characters in length. The name "class-default" is reserved.
All types of class maps use the same name space, so you cannot reuse a name already used by another
type of class map.
The match-any keyword specifies that the traffic matches the class map if it matches at least one of the
regular expressions.
(Optional) Add a description to the class map:
Step 2
hostname(config-cmap)# description string
Identify the regular expressions you want to include by entering the following command for each regular
Step 3
expression:
Configure Regular Expressions
Cisco ASA Series Firewall CLI Configuration Guide
12-17
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
