14-55

User

Guide

for

the

Cisco

Application

Networking

Manager

5.2

OL-26572-01

Chapter

14

Configuring

Traffic

Policies

Configuring

Rules

and

Actions

for

Policy

Maps

Header

MIME

Type

Multipurpose

Internet

Mail

Extension

(MIME)

message

types

that

are

used

for

protocol

inspection

decisions.

In

the

Header

MIME

Type

field,

choose

the

MI

ME

message

t

ype

to

be

used

for

this

match

condition.

Port

Misuse

Misuse

of

port

80

(or

any

other

port

running

HTTP)

that

is

used

for

protocol

inspection

decisions.

In

the

Port

Misuse

field,

choose

the

application

category

to

be

used

for

this

match

condition:

•

IM—Instant

messaging

applications

ar

e

to

be

used

for

this

match

condition.

•

P2P—Peer-to-peer

applications

are

to

be

used

for

this

match

condition.

•

Tunneling—Tunneling

applications

are

to

be

used

for

this

match

condition.

Request

Method

Request

method

that

is

used

for

protocol

inspection

decisions.

By

default,

ACEs

allow

all

request

and

extension

methods.

This

option

allows

you

to

configure

class

maps

that

define

protocol

inspection

decisions

based

on

compliance

to

request

methods

defined

in

RFC

2616

and

by

HTTP

extension

methods.

a.

In

the

Request

Method

Type

field,

choose

t

he

type

of

c

ompliance

t

o

be

used

for

protocol

inspection

decision:

–

Ext—An

HTTP

extension

method

is

to

be

used

for

protocol

inspection

decisions.

Note

The

list

of

available

HTTP

extension

methods

from

which

to

choose

varies

depending

on

the

version

of

software

installed

in

the

ACE.

–

RFC—A

request

method

defined

in

RFC

261

6

is

to

be

used

for

protocol

inspection

decisions.

b.

In

the

Request

Method

field,

choose

the

specific

request

method

to

be

used.

Strict

HTTP

Internal

compliance

checks

that

are

performed

to

verify

that

a

message

is

compliant

with

the

HTTP

RFC

standard,

RFC

2616.

If

the

HTTP

message

is

not

compliant,

the

ACE

performs

the

specified

Layer

7

policy

map

action.

Transfer

Encoding

HTTP

transfer-encoding

type

that

is

used

for

protocol

inspection

decisions.

The

transfer-encoding

general-header

field

indicates

the

type

of

transformation,

if

any,

that

has

been

applied

to

the

HTTP

message

body

to

safely

transfer

i

t

between

the

sender

and

the

recipient.

In

the

Transfer

Encoding

field,

choose

the

type

of

encoding

that

is

to

be

checked:

•

Chunked—Message

body

is

transferred

as

a

ser

ies

of

ch

unks.

•

Compress—Encoding

format

that

is

produced

by

the

UNIX

file

compression

program

compress.

•

Deflate—The

.zlib

format

that

is

defined

in

RFC

195

0

in

combination

with

t

he

DEFLATE

compression

mechanism

described

in

RFC

1951.

•

Gzip—Encoding

format

that

is

produced

by

the

file

compression

program

GZIP

(GNU

zip)

as

described

in

RFC

195

2.

•

Identity—Default

(identity)

encoding

which

does

not

require

the

use

of

transformation.

Table

14-22

Layer

7

HTTP

Deep

Packet

Inspection

Policy

Map

Match

Conditions

(continued)

Match

Condition

Description