Cisco 7604 Configuration Manual page 478

HTTP Inspection
(Optional) To match text found in the HTTP request message header, or to restrict the count or length
f.
of the header, enter the following command:
hostname(config-cmap)# match [not] request header {[field]
[regex [regex_name | class regex_class_name]] |
[length gt max_length_bytes | count gt max_count_bytes]}
Where the field is the predefined message header keyword. The regex regex_name argument is the
regular expression you created in
map you created in
The count gt max_count is the maximum number of header fields.
(Optional) To match text found in the HTTP request message method, enter the following command:
g.
hostname(config-cmap)# match [not] request method {[method] |
[regex [regex_name | class regex_class_name]]
Where the method is the predefined message method keyword. The regex regex_name argument is
the regular expression you created in
class map you created in
h. (Optional) To match text found in the HTTP request message URI, enter the following command:
hostname(config-cmap)# match [not] request uri {regex [regex_name | class
regex_class_name] | length gt max_bytes}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
max_bytes is the maximum message body length in bytes.
(Optional) To match text found in the HTTP response message body, or to comment out Java applet
i.
and Active X object tags in order to filter them, enter the following command:
hostname(config-cmap)# match [not] response body {[active-x] | [java-applet] |
[regex [regex_name | class regex_class_name]] | length gt max_bytes}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
max_bytes is the maximum message body length in bytes.
(Optional) To match text found in the HTTP response message header, or to restrict the count or
j.
length of the header, enter the following command:
hostname(config-cmap)# match [not] response header {[field]
[regex [regex_name | class regex_class_name]] |
[length gt max_length_bytes | count gt max_count]}
Where the field is the predefined message header keyword. The regex regex_name argument is the
regular expression you created in
map you created in
The count gt max_count is the maximum number of header fields.
k. (Optional) To match text found in the HTTP response message status line, enter the following
command:
hostname(config-cmap)# match [not] response status-line {regex [regex_name | class
regex_class_name]}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
Create an HTTP inspection policy map, enter the following command:
Step 4
hostname(config)# policy-map type inspect http policy_map_name
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
22-62
Step 1. The class regex_class_name is the regular expression class
Step 2. The length gt max_bytes is the maximum message body length in bytes.
Step 1. The class regex_class_name is the regular expression
Step 2.
Step 1. The class regex_class_name is the regular expression class
Step 2. The length gt max_bytes is the maximum message body length in bytes.
Chapter 22 Applying Application Layer Protocol Inspection
Step 2. The length gt
Step 2. The length gt
Step 2.
Step 1. The class
Step 1. The class
Step 1. The class
OL-20748-01