I have a situation where a ASA running 7.2.2 configured with HTTP inspection for blocking myspace.com access as follows:
regex domainmyspace "\.myspace\.com"
class-map type regex match-any DomainBlockList
match regex domainmyspace
class-map type inspect http match-all BlockDomainsClass
match request header host regex class DomainBlockList
match access-list inside_mpc
access-list inside_mpc extended permit tcp any any eq www
policy-map type inspect http http_inspection_policy
protocol-violation action drop-connection
match request method connect
inspect http http_inspection_policy
service-policy global_policy global
service-policy inside-policy interface inside
It is actually doing it's job in blocking myspace.com, although when this inspection is in place it will also traffic for the Windows Update from the IE on www.update.microsoft.com, any other HTTP traffic will work fine. I got captures for traffic incoming the inside interface with the service-policy in place and I do not see any traffic at all, if I remove everything works just fine!
Any help is highly appreciated.