Cisco Systems CL-28826-01 Configuring Settings for Inspection Rules for IOS Devices

17-88

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 17 Managing Firewall Inspection Rules

Configuring Settings for Inspection Rules for IOS Devices

Configuring Settings for Inspection Rules for IOS Devices

If you configure inspection rules, you can also configure inspection settings to change the default

settings for some global inspection parameters for IOS devices. Most of the inspection settings relate to

preventing or mitigating Denial of Service (DoS) attacks. The default settings for most of these options

are appropriate for most networks, so configure this policy only if you need to adjust one or more

settings. If you do not change a setting, it is not configured on the device (the default remains

configured).

To open the Inspection settings page, do one of the following:

•(Device view) Select a device, then select Firewall > Settings > Inspection from the Policy selector.

Minimum repeat quantifier Repeat at least x times. For example, ab(xy){2,}z

matches abxyxyz, abxyxyxyz, etc.

[abc] Character class Matches any character in the brackets. For example, [abc]

matches a, b, or c.

[^abc] Negated character class Matches a single character that is not contained within

the brackets. For example, [^abc] matches any character

other than a, b, or c. [^A-Z] matches any single character

that is not an uppercase letter.

[a-c] Cha racter range class Matches any character in the range. [a-z] matches any

lowercase letter. You can mix characters and ranges:

[abcq-z] matches a, b, c, q, r, s, t, u, v, w, x, y, z, and so

does [a-cq-z].

The dash (-) character is literal only if it is the last or the

first character within the brackets: [abc-] or [-abc].

“” Quotation marks Preserves trailing or leading spaces in the string. For

example, “ test” preserves the leading space when it looks

for a match.

^ Caret Specifies the beginning of a line.

\ Escape character When used with a metacharacter, matches a literal

character. For example, \[ matches the left square bracket.

char Character When character is not a metacharacter, matches the literal

character.

\r Carriage return Matches a carriage return 0x0d.

\n Newline Matches a new line 0x0a.

\t Tab Matches a tab 0x09.

\f Formfeed Matches a form feed 0x0c.

\xNN Escaped hexadecimal number Matches an ASCII character using hexadecimal (exactly

two digits).

\NNN Escaped octal number Matches an ASCII character as octal (exactly three

digits). For example, the character 040 represents a

space.

Table17-53 Metacharacters Used to Build Regular Expressions (Continued)

Character Description Notes