Cisco 4700M Configuration Manual page 176

Application control engine appliance security

Configuring a Layer 7 HTTP Deep Inspection Policy
Defining the HTTP Maximum Header Length for Inspection
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
For example, to specify regular expressions in a class map to emulate a wildcard
search to match the header value expression string, enter:
host1/Admin(config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS
host1/Admin(config-cmap-http-insp)# match header Host header-value .*myfirstcompanyexample.com
host1/Admin(config-cmap-http-insp)# match header Host header-value .*mysecondcompanyexample.com
To clear an HTTP header match criterion from the class map, enter:
host1/Admin(config-cmap-http-insp)# no match header Host header-value .*mysecondcompanyexample.com
By default, the maximum header length for HTTP deep packet inspection is
2048 bytes. Use the match header length command to limit the HTTP traffic
allowed through the ACE based on the length of the entity-body in the HTTP
message. Messages are either allowed or denied based on the Layer 7 HTTP deep
packet inspection policy map action.
You must access the class map configuration mode to specify the match header
length command.
The syntax of this command is as follows:
[line_number] match header length {request | response} {eq bytes | gt bytes | lt bytes | range bytes1 bytes2}
The keywords, arguments, and options are as follows:
line_number—(Optional) Argument that assists you in editing or deleting
individual match commands. Enter an integer from 2 to 1024 as the line
number. You can enter no line_number to delete long match commands
instead of entering the entire line. The line numbers do not dictate a priority
or sequence for the match statements.
request—Specifies the size of the HTTP header request message that can be
received by the ACE.
response—Specifies the size of the HTTP header response message sent by
the ACE.
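
The following Python sketch is an added example, not part of the Cisco guide: it parses match header length lines according to the syntax shown above and evaluates them against a measured header size, which is useful for checking class-map lines offline. The function names, the inclusive treatment of range, the bytes1/bytes2 ordering check, and the way the constructed sample header is measured are assumptions.

```python
import re

# Grammar follows the syntax line in this section. Strict gt/lt and an
# inclusive "range" are assumptions of this sketch, not stated on the page.
_CMD = re.compile(
    r"^(?:(?P<line>\d+)\s+)?match\s+header\s+length\s+"
    r"(?P<dir>request|response)\s+"
    r"(?:(?P<op>eq|gt|lt)\s+(?P<n>\d+)|range\s+(?P<lo>\d+)\s+(?P<hi>\d+))$"
)

def parse_match_header_length(command):
    """Parse one 'match header length' line into a dict, or raise ValueError."""
    m = _CMD.match(command.strip())
    if not m:
        raise ValueError(f"not a valid match header length command: {command!r}")
    line = int(m["line"]) if m["line"] else None
    # The page gives 2 to 1024 as the valid line_number range.
    if line is not None and not 2 <= line <= 1024:
        raise ValueError("line_number must be an integer from 2 to 1024")
    if m["op"]:
        op, bounds = m["op"], (int(m["n"]),)
    else:
        op, bounds = "range", (int(m["lo"]), int(m["hi"]))
        if bounds[0] > bounds[1]:  # assumed sanity check
            raise ValueError("range bytes1 must not exceed bytes2")
    return {"line": line, "direction": m["dir"], "op": op, "bounds": bounds}

def header_matches(rule, direction, header_len):
    """Return True if a header of header_len bytes satisfies the parsed rule."""
    if rule["direction"] != direction:
        return False
    b = rule["bounds"]
    return {
        "eq": lambda: header_len == b[0],
        "gt": lambda: header_len > b[0],
        "lt": lambda: header_len < b[0],
        "range": lambda: b[0] <= header_len <= b[1],
    }[rule["op"]]()

# Constructed sample: a request header block measured from the request line
# through the blank line (how the ACE counts bytes is not stated on this page).
SAMPLE_HEADER = (
    b"GET /index.html HTTP/1.1\r\n"
    b"Host: www.myfirstcompanyexample.com\r\n"
    b"X-Padding: " + b"A" * 3000 + b"\r\n\r\n"
)

if __name__ == "__main__":
    rule = parse_match_header_length("10 match header length request gt 2048")
    print(rule, header_matches(rule, "request", len(SAMPLE_HEADER)))
```
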
Chapter 3
Configuring Application Protocol Inspection
OL-16202-01
