Difference between revisions of "Netband Project - Zone based Firewall(ZFW)"
From Teknologisk videncenter
| Line 1: | Line 1: | ||
<accesscontrol>NetBand</accesscontrol> | <accesscontrol>NetBand</accesscontrol> | ||
This page is part of the [[Netband_Project|Netband Project]]<br/> | This page is part of the [[Netband_Project|Netband Project]]<br/> | ||
| + | |||
| + | ==Branch router with DMZ== | ||
===HTTP Aplication inspection=== | ===HTTP Aplication inspection=== | ||
<pre>parameter-map type regex uri_regex_cm | <pre>parameter-map type regex uri_regex_cm | ||
| Line 23: | Line 25: | ||
service-policy http uri_check_pm | service-policy http uri_check_pm | ||
</pre> | </pre> | ||
| − | |||
| − | |||
==External links== | ==External links== | ||
Revision as of 11:58, 27 April 2009
<accesscontrol>NetBand</accesscontrol>
This page is part of the Netband Project
Branch router with DMZ
HTTP Aplication inspection
parameter-map type regex uri_regex_cm pattern ..*cmd.exe. pattern ..*sex. pattern ..*gambling. ! class-map type inspect http match-all uri_check_cm match request uri regex uri_regex_cm ! class-map type inspect match-any INSIDE-OUT-HTTP match protocol http ! policy-map type inspect http uri_check_pm class type inspect http uri_check_cm reset class class-default ! policy-map type inspect INSIDE-OUT-PMAP class type inspect INSIDE-OUT-HTTP inspect service-policy http uri_check_pm
External links
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml
http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_zone_polcy_firew.html