Chapter 22
Applying Application Layer Protocol Inspection
The CLI enters class-map configuration mode, where you can enter one or more match commands.
(Optional) To add a description to the class map, enter the following command:
b.
hostname(config-cmap)# description string
Where string is the description of the class map (up to 200 characters).
(Optional) To match a called party, as specified in the To header or Contact header, enter the
c.
following command:
hostname(config-cmap)# match [not] called-party regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a calling party, as specified in the From header, enter the following command:
d.
hostname(config-cmap)# match [not] calling-party regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a content length in the SIP header, enter the following command:
e.
hostname(config-cmap)# match [not] content length gt length
Where length is the number of bytes the content length is greater than. 0 to 65536.
(Optional) To match an SDP content type or regular expression, enter the following command:
f.
hostname(config-cmap)# match [not] content type {sdp | regex {class class_name |
regex_name}}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a SIP IM subscriber, enter the following command:
g.
hostname(config-cmap)# match [not] im-subscriber regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a SIP via header, enter the following command:
h.
hostname(config-cmap)# match [not] message-path regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a SIP request method, enter the following command:
i.
hostname(config-cmap)# match [not] request-method method
Where method is the type of method to match (ack, bye, cancel, info, invite, message, notify,
options, prack, refer, register, subscribe, unknown, update).
(Optional) To match the requester of a third-party registration by matching the From header in SIP
j.
REGISTER messages, enter the following command. This command only matches the requestor
when the contents of the To and From fields in a SIP REGISTER message are different.
hostname(config-cmap)# match [not] third-party-registration regex {class class_name |
regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
SIP Inspection
Step
1. The class
Step
2.
Step
1. The class
Step
2.
Step
1. The class
Step
2.
Step
1. The class
Step
2.
Step
1. The class
Step
2.
Step
1. The class
Step
2.
22-79