02-13-2010 01:46 PM - edited 03-11-2019 10:08 AM
I've been studying how inspect policy maps work on an ASA, and I come across the part where they talk about blocking content using regex expressions. I see that there are plenty of examples published by Cisco (and many threads on various discussion boards) and I also see that there is a widly published syntax for regular expressions. All of this make sense to me so far. But, then I tried to configure this feature on my ASA, which has proven to be much harder than it should be.
First, I started on version 7.2(4). I configured it exactly as they said and it didn't work, so I upgraded to 8.0(4) and the same thing occured. Now, I'm running 8.2(2) and I'm bumping into the same problem. Has anyone had such issues with this? Let me show you what I'm doing:
ciscoasa(config)# sho run regex
regex testa "a\.com"
ciscoasa(config)# test regex a.com testa
INFO: Regular expression match failed.
ciscoasa(config)# test regex acom testa
INFO: Regular expression match failed.
ciscoasa(config)# test regex a\.com testa
INFO: Regular expression match failed.
ciscoasa(config)#
ciscoasa(config)# sho run regex
regex cisco_website "\.cisco\.com"
ciscoasa(config)# test regex www.cisco.com cisco_website
INFO: Regular expression match failed.
ciscoasa(config)# test regex .cisco.com cisco_website
INFO: Regular expression match failed.
ciscoasa(config)# test regex cisco.com cisco_website
INFO: Regular expression match failed.
ciscoasa(config)#
ciscoasa(config)# sho run regex
regex cisco_website ".*\.cisco\.com"
ciscoasa(config)# test regex www.cisco.com cisco_website
INFO: Regular expression match failed.
ciscoasa(config)# test regex .cisco.com cisco_website
INFO: Regular expression match failed.
ciscoasa(config)# test regex cisco.com cisco_website
INFO: Regular expression match failed.
ciscoasa(config)#
ciscoasa(config)# sho run regex
regex file1 ".*[fF][iI][lL][eE][1]\.[tT][xX][tT].*"
ciscoasa(config)# test regex file12.txt file1
INFO: Regular expression match succeeded.
ciscoasa(config)# test regex file1txt file1
INFO: Regular expression match succeeded.
ciscoasa(config)# test regex file2txt file1
INFO: Regular expression match failed.
ciscoasa(config)# test regex file21txt file1
INFO: Regular expression match failed.
ciscoasa(config)# test regex file12txt file1
INFO: Regular expression match succeeded.
ciscoasa(config)# test regex blahfile1.blah.txtblah file1
INFO: Regular expression match succeeded.
ciscoasa(config)#
ciscoasa(config)# regex r-facebook www\.facebook\.com
ciscoasa(config)# test regex www.facebook.com r-facebook
INFO: Regular expression match failed.
ciscoasa(config)# regex r-facebook facebook
ciscoasa(config)# test regex www.facebook.com r-facebook
INFO: Regular expression match failed.
ciscoasa(config)# regex r-facebook .*facebook.*
ciscoasa(config)# test regex www.facebook.com r-facebook
INFO: Regular expression match failed.
ciscoasa(config)#
So, I have the regex expressions configured exactly as they should, but when I use the "test regex" feature, stuff doesn't match when it should and it does match when it shouldn't.
Any help is appreciated.
Jeff
Solved! Go to Solution.
02-13-2010 03:10 PM
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml
regex testa "a\.com"
5505(config)# test regex http://a.com a\.com
INFO: Regular expression match succeeded.
5505(config)#
It works...
-KS
02-13-2010 03:10 PM
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml
regex testa "a\.com"
5505(config)# test regex http://a.com a\.com
INFO: Regular expression match succeeded.
5505(config)#
It works...
-KS
02-13-2010 05:24 PM
Ahh, I see what I've done. I thought the "test regex" command referenced the regex that I had already configured, not the actual expression on the "test regex" line. I expected it to work like testing a voice dial peer, but I'm set straight now.
Thanks for your help.
Jeff
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide