Installation guide

ManualsBrandsCisco ManualsComputer equipmentExplorer 4700

461

462

463

464

465

466

467

468

469

470

12-48

Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance

OL-26645-02

Chapter 12 Configuring Traffic Policies

Configuring Rules and Actions for Policy Maps

Table 12-19 Policy Match Condition Types

Match Condition Description

HTTP Content Specific content contained within the HTTP entity-body is used to establish a match condition.

1. In the Content Expression field, enter the content that is to be matched. Valid entries are

alphanumeric strings from 1 to 255 characters.

2. In the Content Offset (Bytes) field, enter the number of bytes to be ignored starting with the

first byte of the Message body, after the empty line (CR,LF,CR,LF) between the headers and

the body of the message. Valid entries are integers from 1 to 4000.

HTTP Cookie Indicates that HTTP cookies are to be used for this rule.

If you select this method:

1. In the Cookie Name field, enter a unique cookie name. Valid entries are unquoted text strings

with no spaces and a maximum of 64 alphanumeric characters.

2. In the Cookie Value field, enter a unique cookie value expression. Valid entries are unquoted

text strings with no spaces and a maximum of 255 alphanumeric characters. The ACE

appliance supports regular expressions for matching string expressions. Table 12-33 lists the

supported characters that you can use for matching string expressions.

HTTP Header Indicates that the HTTP header and a corresponding value are to be used for this rule.

If you select this method:

1. In the Header Name field, enter the name of the generic field in the HTTP header. Valid entries

are unquoted text strings with no spaces and a maximum of 64 alphanumeric characters.

2. In the Header Value (Bytes) field, enter the header-value expression string to compare against

the value in the specified field in the HTTP header. Valid entries are text strings with a

maximum of 255 alphanumeric characters. The ACE appliance supports regular expressions

for matching. To include spaces, enclose the entire string in quotes. All headers in the header

map must be matched. See Table 12-33 for a list of the supported characters that you can use

in regular expressions.

HTTP URL Indicates that this rule is to perform regular expression matching against the received packet data

from a particular connection based on the HTTP URL string.

If you select this method:

1. In the URL Expression field, enter a URL, or portion of a URL, to match. Valid entries are

URL strings from 1 to 255 alphanumeric characters. Include only the portion of the URL

following www.hostname.domain in the match statement. For example, in the URL

www.anydomain.com/latest/whatsnew.html, include only /latest/whatsnew.html. To match the

www.anydomain.com portion, the URL string can take the form of a URL regular expression.

The ACE appliance supports regular expressions for matching URL strings. See Table 12-33

for a list of the supported characters that you can use in regular expressions.

2. In the Method Expression field, enter the HTTP method to match. Valid entries are unquoted

text strings with no spaces and a maximum of 64 alphanumeric characters. The method can

either be one of the standard HTTP 1.1 method names (OPTIONS, GET, HEAD, POST, PUT,

DELETE, TRACE, or CONNECT) or a text string that must be matched exactly (for example,

CORVETTE).