Regular Expressions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2009 07:00 AM - edited 03-11-2019 07:46 AM
Does anyone know if there is any material out there that has pre build regular expressions? I can't seem to figure these things out. I'm wanting to block P2P traffic on our network but the ASA only can block Gator and Kazaa by default.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2009 07:06 AM
hope this helps. I personally have not done it but found the link.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2009 07:35 AM
I've built a class map/policy map with this Doc but i still can't figure out how to build my own REGEX for p2p such as Gnutella, Bittorrent, morpheus....etc. Does anyone have some documentation on the REGEXs?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2009 08:22 PM
Hi,
Please visit the following url :
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml
http://supportwiki.cisco.com/ViewWiki/index.php/ASA_URL_filtering
Could you please try the following conf to block the p2p protocols
http-map inbound_http
port-misuse p2p action drop log
port-misuse tunneling action drop log
class-map http-port
match port tcp eq www
policy-map global_policy
class http-port
inspect http inbound_http
service-policy global_policy global
Regards
Jithesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-06-2009 05:35 AM
the HTTP-MAP command isn't supported on the newer asa. :/ NBAR seems to be the best solution for what i am looking for but i'm not sure i want to run it on my Edge router connecting to my ISP. We have an ASA5520 > Cisco 2811 > ISP. Seems like the ASA would have a similar feature like NBAR with PDLMs.
