21-25
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter21 Managing Zone-based Firewall Rules
Configuring Inspection Maps for Zone-based Firewall Policies
SMTP Class Maps Add or Edit Match Criterion Dialog Boxes
Use the Add or Edit Match Criterion dialog boxes for the SMTP classes used with zone-based firewall
policies to define a match criterion and value for the class map.
Tip Only the Data Length criterion is available for routers running Cisco IOS Software lower than 12.4(20)T.
The fields on this dialog box change based on the criterion you select. You can use the following criteria:
Data Length—Specifies that the data length of the traffic is greater than the specified number. You
can match the data length of the traffic to determine if the data transferred in an SMTP connection
exceeds the specified length in bytes. By default, inspection keeps data length below 20.
Method The request method you want to inspect:
ack—Acknowledges that the previous message is valid and
accepted.
bye—Signifies the intention to terminate a call.
cancel—Terminates any pending request.
info—Communicates mid-session signaling information along the
signaling path for the call.
invite—Sets up a call.
message—Sends an instant message.
notify—Informs subscribers of state changes.
options—Queries the capabilities of another user agent or a proxy
server.
prack—Provides reliable transfer of provisional response
messages.
refer—Indicates that the recipient should contact a third party
using the contact information provided in the request.
register—Includes a contact address to which SIP requests for the
address-of-record should be forwarded.
subscribe—Requests notification of an event or set of events at a
later time.
update—Permits a client to update parameters of a session but has
no impact on the state of a dialog.
Status The regular expression is matched against the status line in the
response.
Regular Expression The regular expression object that defines the regular expression you
want to use for pattern matching. Enter the name of the object. You can
click Select to choose the object from a list of existing ones or to create
a new regular expression object.
Table21-6 SIP (IOS) Class Add or Edit Match Criterion Dialog Boxes (Continued)
Element Description