Hi all,

i've been using a the classmap "class-map type inspect match-any min-cls-insp-in-out"  in a policymap "policy-map type inspect min-pm-in-out" in the zone security "ccp-zp-in-out source" for my firewall. I've just noticed a "match protocol Other" that i've for sure didn't insert, can you tell me what is the functionality of this parameter??

it was not making any sense to me and so i've tried to:

conf

class-map type inspect match-any min-cls-insp-in-out

no match protocol Other

                                           ^

% Invalid input detected at '^' marker.

i've tried to remove the "match protocol ftp" and the ftp traffic was actually been blocked by the firewall.

class-map type inspect match-any min-cls-insp-in-out

match protocol dns

match protocol ftp

match protocol icmp

match protocol imap

match protocol rtsp

match protocol ssh

match protocol pop3s

match protocol pop3

match protocol imaps

match protocol https

match protocol Other

match protocol ntp

...

policy-map type inspect min-pm-in-out

class type inspect min-cls-invalid-in-src

  drop log

class type inspect min-cls-insp-in-out

  inspect

class type inspect min-cls-insp-smtp

  inspect

class type inspect min-http-cmap

  inspect

class type inspect min-cls-insp-im

  inspect

class class-default

  drop log

zone-pair security ccp-zp-in-out source in-zone destination out-zone

service-policy type inspect min-pm-in-out

thank you !!