Filter
Top Products
17-57
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
Field Reference
HTTP Map Transfer Encoding Tab
Use the Transfer Encoding tab to enable inspection based on the transfer encoding type. The encoding
types that you can configure are:
• Chunked—Identifies the transfer encoding type in which the message body is transferred as a series
of chunks.
• Compressed—Identifies the transfer encoding type in which the message body is transferred using
UNIX file compression.
• Deflate—Identifies the transfer encoding type in which the message body is transferred using zlib
format (RFC 1950) and deflate compression (RFC 1951).
• GZIP—Identifies the transfer encoding type in which the message body is transferred using GNU
zip (RFC 1952).
• Identity—Identifies connections in which no transfer encoding is performed in the message body.
Navigation Path
Click the Transfer Encoding tab on the Add and Edit HTTP Map dialog boxes for ASA 7.1.x/PIX
7.1.x/FWSM 3.x/IOS Devices. See Configuring HTTP Maps for ASA 7.1.x, PIX 7.1.x, FWSM 3.x and
IOS Devices, page 17-50.
Related Topics
• Understanding Map Objects, page 6-72
• Configuring Protocols and Maps for Inspection, page 17-21
Table 17-33 HTTP Map Port Misuse Tab
Element Description
Available and Selected
Application Categories
Action
Generate Syslog
The Available Application Categories list contains the categories for
which you can define firewall inspection settings.
To configure an action for a category, select it, then select an action and
optionally select Generate Syslog if you want a message added to the
syslog when an HTTP request containing the selected application is
encountered. Click the >> button to add it to the Selected Categories
list. (To remove a category from the selected list, select it and click the
<< button.)
Tip You can select multiple categories at a time using Ctrl+click if
the action and syslog requests are the same for each.
The actions you can specify are:
• Allow Packet—Allow the message.
• Drop Packet—Close the connection.
• Reset Connection (default)—Send a TCP reset message to client
and server.
Specify the action to be
applied for the remaining
available categories above.
Whether to define a default action for the categories for which you have
not configured specific actions above. If you select this option, select
the action and syslog setting to use for the default action.