17-53
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Configuring Protocols and Maps for Inspection
Field Reference
Table 17-30 HTTP Map Entity Length Tab
Element Description
Inspect URI Length Whether to enable inspection based on the length of the URI. If you
select this option, configure the following:
• Maximum—The desired maximum length, in bytes, of the URI,
from 1 to 65535.
• Excessive URI Length Action—The action to take when the length
is exceeded:
–
Allow Packet—Allow the message.
–
Drop Packet—Close the connection.
–
Reset Connection—Send a TCP reset message to client and
server.
• Generate Syslog—Whether to generate a syslog message when a
violation occurs.
Inspect Maximum Header
Length
Whether to enable inspection based on the length of the HTTP header.
If you select this option, configure the following:
• Request—The desired maximum length, in bytes, of the request
header, from 1 to 65535.
• Response—The desired maximum length, in bytes, of the response
header, from 1 to 65535.
• Excessive Header Length Action—The action to take when the
length is exceeded:
–
Allow Packet—Allow the message.
–
Drop Packet—Close the connection.
–
Reset Connection—Send a TCP reset message to client and
server.
• Generate Syslog—Whether to generate a syslog message when a
violation occurs.
