cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
483
Views
0
Helpful
4
Replies

Regular Expressions

cowetacoit
Level 1
Level 1

Does anyone know if there is any material out there that has pre build regular expressions? I can't seem to figure these things out. I'm wanting to block P2P traffic on our network but the ASA only can block Gator and Kazaa by default.

4 Replies 4

Tshi M
Level 5
Level 5

hope this helps. I personally have not done it but found the link.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml

I've built a class map/policy map with this Doc but i still can't figure out how to build my own REGEX for p2p such as Gnutella, Bittorrent, morpheus....etc. Does anyone have some documentation on the REGEXs?

Hi,

Please visit the following url :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml

http://supportwiki.cisco.com/ViewWiki/index.php/ASA_URL_filtering

Could you please try the following conf to block the p2p protocols

http-map inbound_http

port-misuse p2p action drop log

port-misuse tunneling action drop log

class-map http-port

match port tcp eq www

policy-map global_policy

class http-port

inspect http inbound_http

service-policy global_policy global

Regards

Jithesh

the HTTP-MAP command isn't supported on the newer asa. :/ NBAR seems to be the best solution for what i am looking for but i'm not sure i want to run it on my Edge router connecting to my ISP. We have an ASA5520 > Cisco 2811 > ISP. Seems like the ASA would have a similar feature like NBAR with PDLMs.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: