7-25

User

Guide

for

the

Cisco

Application

Networking

Manager

5.2

OL-26572-01

Chapter

7

Configuring

Virtual

Servers

Configuring

Virtual

Servers

Port

Misuse

Misuse

of

port

80

(or

any

other

port

running

HTTP)

to

be

used

for

application

inspection

decisions.

Choose

the

application

category

to

use

for

this

match

condition

as

follows:

•

IM—Instant

messaging

applications

ar

e

to

be

checked.

•

P2P—Peer-to-peer

applications

are

to

be

checked.

•

Tunneling—Tunneling

applications

ar

e

t

o

be

checked.

Request

Method

A

request

method

is

to

be

used

for

protocol

inspection

decisions.

By

default,

ACEs

allow

all

request

and

extension

methods.

This

option

allows

you

to

configure

protocol

inspection

decisions

based

on

compliance

to

request

methods

defined

in

RFC

2616

and

by

HTTP

extension

methods.

a.

Choose

the

type

of

request

method

to

use

for

this

match

condition:

–

Ext—An

HTTP

extension

method

is

to

be

used.

Note

The

list

of

available

HTTP

extension

methods

from

which

to

choose

varies

depending

on

the

version

of

software

installed

in

the

ACE.

–

RFC—The

request

method

defined

in

RFC

2616

is

to

be

used.

b.

In

the

Request

Method

field,

choose

the

request

method

that

is

to

be

inspected.

Strict

HTTP

Compliance

with

HTTP

RFC

2616

to

be

used

for

application

inspection

decisions.

Transfer

Encoding

An

HTTP

transfer-encoding

type

to

be

used

for

application

inspection

decisions.

The

transfer-encoding

general-header

field

indicates

the

type

of

transformation,

if

any,

that

has

been

applied

to

the

HTTP

message

body

to

safely

transfer

it

between

the

sender

and

the

recipient.

In

the

Transfer

Encoding

field,

choose

the

type

of

encoding

that

is

to

be

checked:

•

Chunked—The

message

body

is

transferred

as

a

series

of

chunks.

•

Compress—The

encoding

format

that

is

produced

by

the

UNIX

file

compression

program

compress.

•

Deflate—The

.zlib

format

that

is

defined

in

RFC

195

0

in

combination

with

t

he

DEFLATE

compression

mechanism

described

in

RFC

1951.

•

Gzip—The

encoding

format

that

is

produced

by

the

file

compression

program

GZIP

(GNU

zip)

as

described

in

RFC

195

2.

•

Identity—The

default

(identity)

encoding

which

does

not

require

the

use

of

transformation.

Table

7-8

HTTP

and

HTTPS

Protocol

Inspection

Conditions

and

Options

(continued)

Condition

Description