Hi all, Iam trying to match sever feild in the http response header if I see cisco-IOS (for cisco IOS http server) the connection should get reset here is my config
parameter-map type regex IMRAN pattern cisco-IOS class-map type inspect http match-all HTTP_TRAFFIC match response header server regex IMRAN policy-map type inspect http PMAP_DMZ_TO_SERVER class type inspect http HTTP_TRAFFIC reset class-map type inspect match-any CMAP_DMZ_TO_OUTSIDE match protocol http policy-map type inspect PMAP_DMZ_TO_OUTSIDE class type inspect CMAP_DMZ_TO_OUTSIDE inspect service-policy http PMAP_DMZ_TO_SERVER class class-default zone security ZONE_INSIDE zone security ZONE_OUTSIDE zone security ZONE_DMZ zone-pair security DMZ_TO_OUTSIDE source ZONE_DMZ destination ZONE_OUTSIDE service-policy type inspect PMAP_DMZ_TO_OUTSIDE In ASA after creating regex we can test the regex is there anything similar in cisco IOS.Can some one provide me a doc where i can see examples for layer 7 policies in IOS ZWF. Once this works.I want to try to change the content of the server feild (basically to spoof the server) How to do that ? Regards Imran
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
