disabling inspection of FWSM

lukaszkhalil
Level 1

Hello

Can anybody tell me how I could disable an inspection that is running by default in the global policy-map for a particular type of traffic on an FWSM running in transparent mode?

If I create a new policy-map in the global service policy, what is the order in which the policy-maps are checked by the FW?

And what is the command to disable a particular inspection?

Thanks for help

Lukas

5 Replies

Hi,

Suppose you want to disable FTP inspection, then:

"no fixup protocol ftp".

Actually, I would like to disable SQLNet inspection, but anyway I would like to do that on 3.1 software, not on 2.3.

On 3.1 you have MPF, where you can manipulate inspections.

For disabling SQLNet (for IOS 3.1)

policy-map global_policy
 class inspection_default
  no inspect sqlnet

That is correct when you want to disable the default inspection, but I would like to disable the inspection for a particular flow that I would like to specify by access-list.

I can create a new class-map based on the ACL and then add it to the default policy-map, but the question is what is the order in which the class entries are serviced. Is the default class-map serviced last, no matter how many other classes I have?

And the other question is what will happen when I configure a new class under the default policy-map without selecting an inspection for it. Are the default inspections going to be used for this kind of traffic, or is this traffic going to be serviced without any inspections?

You can only apply one global policy, so if you want to alter the global policy, you need to either edit the default policy (add new class or inspects) or disable it and apply a new one.

So if you create a new policy-map, you need to create a service policy to apply it to a particular interface and not globally.

But again, interface service policies take precedence over the global service policy.

So in your case you can disable "inspect sqlnet" in the default global_policy and create a policy map with a specific ACL and then apply it to a particular interface.
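
The approach from the last reply written out as a configuration, as an added example that is not part of the original thread or any poster's own configuration. The ACL, class-map and policy-map names, the interface name inside, and the addresses are placeholders; TCP 1521 is the port the default SQL*Net inspection matches.

```cisco
! Constructed example: all names, addresses and the interface are placeholders.
! Flow that must NOT be inspected: deny it in the ACL so it never matches the class.
access-list SQLNET_INSPECT extended deny tcp host 192.0.2.10 host 198.51.100.20 eq 1521
! Every other SQL*Net flow stays subject to inspection.
access-list SQLNET_INSPECT extended permit tcp any any eq 1521
!
class-map SQLNET_CLASS
 match access-list SQLNET_INSPECT
!
! Remove SQL*Net inspection from the default global policy.
policy-map global_policy
 class inspection_default
  no inspect sqlnet
!
! Re-enable it only for traffic permitted by the ACL, on one interface.
policy-map INSIDE_POLICY
 class SQLNET_CLASS
  inspect sqlnet
!
service-policy INSIDE_POLICY interface inside
```

After applying it, `show service-policy` lists the classes and inspections in effect, which confirms that the excluded flow no longer counts against the sqlnet inspection.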
