Feature history for objects and groups, Configuring regular expressions, Creating a regular expression – Cisco ASA 5505 User Manual

Page 374

Advertising
background image

13-12

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 13 Configuring Objects

Configuring Regular Expressions

Feature History for Objects and Groups

Table 1

lists each feature change and the platform release in which it was implemented.

Configuring Regular Expressions

A regular expression matches text strings either literally as an exact string, or by using metacharacters
so that you can match multiple variants of a text string. You can use a regular expression to match the
content of certain application traffic; for example, you can match a URL string inside an HTTP packet.
This section describes how to create a regular expression and includes the following topics:

Creating a Regular Expression, page 13-12

Creating a Regular Expression Class Map, page 13-15

Creating a Regular Expression

A regular expression matches text strings either literally as an exact string, or by using metacharacters
so you can match multiple variants of a text string. You can use a regular expression to match the content
of certain application traffic; for example, you can match a URL string inside an HTTP packet.

Guidelines

Use Ctrl+V to escape all of the special characters in the CLI, such as question mark (?) or a tab. For
example, type d[Ctrl+V]?g to enter d?g in the configuration.

See the regex command in the command reference for performance impact information when matching
a regular expression to packets.

Note

As an optimization, the ASA searches on the deobfuscated URL. Deobfuscation compresses multiple
forward slashes (/) into a single slash. For strings that commonly use double slashes, like “http://”, be
sure to search for “http:/” instead.

Table 1

Feature History for Object Groups

Feature Name

Releases

Feature Information

Object groups

7.0(1)

Object groups simplify access list creation and
maintenance.

We introduced or modified the following commands:
object-group protocol, object-group network,
object-group service, object-group icmp_type.

Objects

8.3(1)

Object support was introduced.

We introduced or modified the following commands:

object-network, object-service, object-group network,
object-group service, network object, access-list
extended
, access-list webtype, access-list remark.

Advertising