01-06-2011 03:26 PM - edited 03-11-2019 12:31 PM
I am trying to log/drop packets with a specific string in the payload. I can't find a way to do it on any protocol other than http using a regex. Any suggestions? Thx.
01-07-2011 01:00 AM
Hello Corey,
You can use class map type stack (flexible packet matching) and PHDF files (available on cisco.com) to match whatever you want in a packet.
See this doc:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6723/prod_white_paper0900aecd80633b0a.html
You can also create custom protocols with nbar so that you can match them in class maps:
http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/nbar_cust_protcl.html
I hope this help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
