Regular Expressions

Unanswered Question
Feb 5th, 2009

Does anyone know if there is any material out there that has pre build regular expressions? I can't seem to figure these things out. I'm wanting to block P2P traffic on our network but the ASA only can block Gator and Kazaa by default.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cowetacoit Thu, 02/05/2009 - 07:35

I've built a class map/policy map with this Doc but i still can't figure out how to build my own REGEX for p2p such as Gnutella, Bittorrent, morpheus....etc. Does anyone have some documentation on the REGEXs?

Jithesh K Joy Thu, 02/05/2009 - 20:22


Please visit the following url :

Could you please try the following conf to block the p2p protocols

http-map inbound_http

port-misuse p2p action drop log

port-misuse tunneling action drop log

class-map http-port

match port tcp eq www

policy-map global_policy

class http-port

inspect http inbound_http

service-policy global_policy global



cowetacoit Fri, 02/06/2009 - 05:35

the HTTP-MAP command isn't supported on the newer asa. :/ NBAR seems to be the best solution for what i am looking for but i'm not sure i want to run it on my Edge router connecting to my ISP. We have an ASA5520 > Cisco 2811 > ISP. Seems like the ASA would have a similar feature like NBAR with PDLMs.


This Discussion