21-21
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 21 Managing Zone-based Firewall Rules
Configuring Inspection Maps for Zone-based Firewall Policies
H.323 (IOS) Class Maps Add or Edit Match Criterion Dialog Boxes
Use the Add or Edit Match Criterion dialog boxes for the H.323 (IOS) class used with zone-based
firewall policies to define a match criterion and value for the class map. You can match traffic based on
the H.323 protocol message type. Select the message that you want to match.
Navigation Path
From the Add or Edit Class Maps dialog boxes for the H.323 (IOS) class, right-click inside the table and
select Add Row or right-click a row and select Edit Row. See Configuring Class Maps for Zone-Based
Firewall Policies, page 21-17.
Related Topics
Understanding Map Objects, page 6-72
Configuring Inspection Maps for Zone-based Firewall Policies, page 21-15
Understanding the Zone-based Firewall Rules, page 21-3
HTTP (IOS) Class Add or Edit Match Criterion Dialog Boxes
Use the Add or Edit Match Criterion dialog boxes for the HTTP (IOS) class used with zone-based
firewall policies to define a match criterion and value for the class map.
The fields on this dialog box change based on the criterion you select. You can use the following criteria:
• Request/Response Body Length, Request Body Length, Response Body Length—Specifies that the body length of the request, response, or both, is less than or greater than the specified number. This allows you to set a minimum or maximum message length.
• Request/Response Body, Request Body, Response Body—Applies a regular expression to match the body of the request, response, or both.
• Request/Response Header, Request Header, Response Header—You can match a regular expression against the header, test for repeated fields, check the content type, or check the total length or number of records in the header.
• Request/Response Protocol Violation—Matches non-compliant HTTP traffic.
• Request Argument, Request URI—Matches the length or content (with a regular expression) of the argument (parameters) or uniform resource identifier (URI) in a request message.
• Request Port Misuse—Matches the misuse of ports by certain types of applications.
• Response Body Java Applet—Matches Java applets in an HTTP connection.
• Response Header Status Line—Applies a regular expression to match the content of the status line in the header.
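On the device, several of the criteria above correspond to match statements in an IOS HTTP inspection class map. The following configuration is an added example, not taken from this guide and not output generated by Security Manager; every object name, the regular expression and the byte thresholds are constructed for illustration.

```cisco
! Regex parameter map used by the Request URI criterion (pattern is constructed)
parameter-map type regex URI-ADMIN-PATHS
 pattern "/admin/.*"
!
! HTTP (IOS) class map; match-any means one matching criterion is enough
class-map type inspect http match-any HTTP-SUSPECT
! Request/Response Body Length: greater than 65536 bytes (constructed threshold)
 match req-resp body length gt 65536
! Request/Response Protocol Violation: non-compliant HTTP traffic
 match req-resp protocol-violation
! Request URI: length check and content check (regular expression)
 match request uri length gt 2048
 match request uri regex URI-ADMIN-PATHS
! Request Port Misuse: any of the recognized application types
 match request port-misuse any
! Response Body Java Applet
 match response body java-applet
!
! HTTP policy map: action taken on traffic that matches the class map
policy-map type inspect http HTTP-DPI
 class type inspect http HTTP-SUSPECT
  reset
  log
!
! Layer 3/4 zone-based policy that hands HTTP sessions to the HTTP policy map
class-map type inspect match-any WEB-TRAFFIC
 match protocol http
policy-map type inspect INSIDE-TO-OUTSIDE
 class type inspect WEB-TRAFFIC
  inspect
  service-policy http HTTP-DPI
 class class-default
  drop
```

With match-any, body length and URI length thresholds set too low will reset legitimate sessions, so review the logged matches before relying on the reset action.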
Table 21-4 Zone-based Firewall P2P Application Class Maps Add or Edit Match Condition Dialog Boxes (Continued)

Element      Description
File Name    The name of the file associated with the traffic. You can use regular expressions to specify a name pattern. For information on the metacharacters you can use to build regular expressions, see Metacharacters Used to Build Regular Expressions, page 17-87.
             Tip: eDonkey does not require a file name.