Installation guide
12-74
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 12 Configuring Traffic Policies
Configuring Rules and Actions for Policy Maps
Table 12-30 HTTP Deep Packet Inspection Match Types
Match Condition Type Description
Content Specific content contained within the HTTP entity-body is used for application inspection
decisions.
1. In the Content Expression field, enter the content that is to be matched. Valid entries are
alphanumeric strings from 1 to 255 characters.
2. In the Content Offset (Bytes) field, enter the number of bytes to be ignored starting with the
first byte of the Message body, after the empty line (CR,LF,CR,LF) between the headers and
the body of the message. Valid entries are from 1 to 4000 bytes.
Content Length The content parse length in an HTTP message is used for application inspection decisions.
1. In the Content Length Operator field, select the operand to be used to compare content length:
–
Equal To—Indicates that the content length must equal the number in the Content Length
Value (Bytes) field.
–
Greater Than—Indicates that the content length must be greater than the number in the
Content Length Value (Bytes) field.
–
Less Than—Indicates that the content length must be less than the number in the Content
Length Value (Bytes) field.
–
Range—Indicates that the content length must be within the range specified in the
Content Length Lower Value (Bytes) field and the Content Length Higher Value (Bytes)
field.
2. Enter values to apply for content length comparison:
–
If you select Equal To, Greater Than, or Less Than in the Content Length Operator field,
the Content Length Value (Bytes) field appears. In the Content Length Value (Bytes) field,
enter the number of bytes for comparison. Valid entries are integers from 0 to
4294967295.
–
If you select Range in the Content Length Operator field, the Content Length Lower Value
(Bytes) and the Content Length Higher Value (Bytes) fields appear:
1. In the Content Length Lower Value (Bytes) field, enter the lowest number of bytes to
be used for this match condition. Valid entries are integers from 0 to 4294967295. The
number in this field must be less than the number entered in the Content Length Higher
Value (Bytes) field.
2. In the Content Length Higher Value (Bytes) field, enter the highest number of bytes to
be used for this match condition. Valid entries are integers from 1 to 4294967295. The
number in this field must be greater than the number entered in the Content Length Lower
Value (Bytes) field.
Content Type
Verif ic a t i o n
Verifies the content MIME-type messages with the header MIME-type. This inline match
command limits the MIME-types in HTTP messages allowed through the ACE appliance. It
verifies that the header MIME-type value is in the internal list of supported MIME-types and the
header MIME-type matches the actual content in the data or entity body portion of the message.
If they do not match, the ACE appliance performs the specified Layer 7 policy map action.
Note Content Type Verification is only available an inline match condition. Because this Layer
7 HTTP deep inspection match criteria cannot be combined with other match criteria, it
appears as an inline match condition.