1 / 11

http 컨틀롤

http 컨틀롤. 빨강색은 외부로 서비스 하는 웹서버 빨강색의 url 은 lsh.com 검정색은 내부로 서비스 하는 웹 서버 검정색의 url 은 kkk.com/root. 허용 hostname( config )# regex url1 “www. lsh.com /.*.asp” hostname( config )# regex url2 “www. kkk.com/ . *.asp” hostname( config )# regex get “GET”

boyce
Download Presentation

http 컨틀롤

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. http 컨틀롤

  2. 빨강색은 외부로 서비스 하는 웹서버 빨강색의 url은 lsh.com 검정색은 내부로 서비스 하는 웹 서버 검정색의 url은 kkk.com/root

  3. 허용 hostname(config)# regex url1 “www\. lsh.com/.*\.asp” hostname(config)# regex url2 “www\. kkk.com/\. *\.asp” hostname(config)# regex get “GET” hostname(config)# regex put “PUT”

  4. class/정규식 검사를 비교 진행 hostname(config)# class-map type regex match-any url_to_log hostname(config-cmap)# match regex url1 hostname(config-cmap)# match regex url2 hostname(config-cmap)# exit

  5. methods 정규식 검사 hostname(config)# class-map type regex match-any methods_to_log hostname(config-cmap)# match regex get hostname(config-cmap)# match regex put hostname(config-cmap)# exit

  6. policy http 검사 hostname(config)# class-map type inspect http http_url_policy hostname(config-cmap)# match request uri regex class url_to_log hostname(config-cmap)# match request method regex class methods_to_log hostname(config-cmap)# exit

  7. policy / class 비교검사 hostname(config)# policy-map type inspect http http_policy hostname(config-pmap)# class http_url_policy hostname(config-pmap-c)# log

  8. 프로토쿨트레픽 설정 regex loginname1 “ying\@kkk.com” regex loginname2 “Kevin\@kkk.com” regex loginname3 “rahul\@kkk.com” regex loginname4 “darshant\@kkk.com” regex yahoo_version_regex “1\.0” regex gif_files “.*\.gif” regex .txt_files “.*\.txt

  9. 프로토쿨트레픽 설정 regex loginname1 “ying\@lsh.com” regex loginname2 “Kevin\@lsh.com” regex loginname3 “rahul\@lsh.com” regex loginname4 “darshant\@lsh.com” regex yahoo_version_regex “1\.0” regex gif_files “.*\.gif” regex hwp_files “.*\.hwp”

  10. class-map type regex match-all yahoo_src_login_name_regex match regex loginname1 match regex loginname2 class-map type regex match-all yahoo_dst_login_name_regex match regex loginname3 match regex loginname4 class-map type inspect im match-all yahoo_file_block_list ! match filename regex gif_files match filename regex exe_files class-map type inspect im match-all yahoo_im_policy ! match login-name regex class yahoo_src_login_name_regex match peer-login-name regex class yahoo_dst_login_name_regex class-map type inspect im match-all yahoo_im_policy2 match version regex yahoo_version_regex

  11. ! class-map im_inspect_class_map match default-inspection-traffi policy-map type inspect imim_policy_all ! class yahoo_file_block_list match service file-transfer class yahoo_im_policy drop-connection class yahoo_im_policy2 reset ! policy-map global_policy_name class im_inspect_class_map inspect imim_policy_all

More Related