match regex
To identify a regular expression in a regular expression class map, use the match regex command in class-map type regex configuration mode. To remove the regular expression from the class map, use the no form of this command.
match regex name
no match regex name
Syntax Description
name |
The name of the regular expression you added with the regex command. |
Command Default
No default behavior or values.
Command Modes
The following table shows the modes in which you can enter the command:
Command Mode |
Firewall Mode |
Security Context |
|||
---|---|---|---|---|---|
Routed |
Transparent |
Single |
Multiple |
||
Context |
System |
||||
Class-map type regex configuration |
|
|
|
— |
|
Command History
Release |
Modification |
---|---|
7.0(2) |
This command was added. |
Usage Guidelines
The regex command can be used for various features that require text matching. You can group regular expressions in a regular expression class map using the class-map type regex command and then multiple match regex commands.
For example, you can configure special actions for application inspection using an inspection policy map (see the policy map type inspect command). In the inspection policy map, you can identify the traffic you want to act upon by creating an inspection class map containing one or more match commands or you can use match commands directly in the inspection policy map. Some match commands let you identify text in a packet using a regular expression; for example, you can match URL strings inside HTTP packets.
Examples
The following is an example of an HTTP inspection policy map and the related class maps. This policy map is activated by the Layer 3/4 policy map, which is enabled by the service policy.
ciscoasa(config)# regex url_example example\.com
ciscoasa(config)# regex url_example2 example2\.com
ciscoasa(config)# class-map type regex match-any URLs
ciscoasa(config-cmap)# match regex url_example
ciscoasa(config-cmap)# match regex url_example2
ciscoasa(config-cmap)# class-map type inspect http match-all http-traffic
ciscoasa(config-cmap)# match req-resp content-type mismatch
ciscoasa(config-cmap)# match request body length gt 1000
ciscoasa(config-cmap)# match not request uri regex class URLs
ciscoasa(config-cmap)# policy-map type inspect http http-map1
ciscoasa(config-pmap)# class http-traffic
ciscoasa(config-pmap-c)# drop-connection log
ciscoasa(config-pmap-c)# match req-resp content-type mismatch
ciscoasa(config-pmap-c)# reset log
ciscoasa(config-pmap-c)# parameters
ciscoasa(config-pmap-p)# protocol-violation action log
ciscoasa(config-pmap-p)# policy-map test
ciscoasa(config-pmap)# class test
[a Layer 3/4 class map not shown]
ciscoasa(config-pmap-c)# inspect http http-map1
ciscoasa(config-pmap-c)# service-policy test interface outside