Difference between revisions of "Netband Project - Zone based Firewall(ZFW)"

From Teknologisk videncenter
Jump to: navigation, search
(External links)
(External links)
Line 1: Line 1:
 
<accesscontrol>NetBand</accesscontrol>
 
<accesscontrol>NetBand</accesscontrol>
 
This page is part of the [[Netband_Project|Netband Project]]<br/>  
 
This page is part of the [[Netband_Project|Netband Project]]<br/>  
 +
===HTTP Aplication inspection==
 +
<pre>parameter-map type regex uri_regex_cm
 +
pattern ..*cmd.exe.
 +
pattern ..*sex.
 +
pattern ..*gambling.
 +
!
 +
class-map type inspect http match-all uri_check_cm
 +
match  request uri regex uri_regex_cm
 +
!
 +
class-map type inspect match-any INSIDE-OUT-HTTP
 +
match protocol http
 +
!
 +
policy-map type inspect http uri_check_pm
 +
class type inspect http uri_check_cm
 +
  reset
 +
class class-default
 +
!
 +
policy-map type inspect INSIDE-OUT-PMAP
 +
  class type inspect INSIDE-OUT-HTTP
 +
  inspect
 +
  service-policy http uri_check_pm
 +
</pre>
 +
 
==External links==
 
==External links==
 
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml
 
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml
 
<br>
 
<br>
 
http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_zone_polcy_firew.html
 
http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_zone_polcy_firew.html

Revision as of 09:15, 27 April 2009

<accesscontrol>NetBand</accesscontrol> This page is part of the Netband Project

=HTTP Aplication inspection

parameter-map type regex uri_regex_cm
 pattern ..*cmd.exe.
 pattern ..*sex.
 pattern ..*gambling.
!
class-map type inspect http match-all uri_check_cm
 match  request uri regex uri_regex_cm
!
class-map type inspect match-any INSIDE-OUT-HTTP
 match protocol http
!
policy-map type inspect http uri_check_pm
 class type inspect http uri_check_cm
  reset
 class class-default
!
policy-map type inspect INSIDE-OUT-PMAP
  class type inspect INSIDE-OUT-HTTP
  inspect
  service-policy http uri_check_pm

External links

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml
http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_zone_polcy_firew.html