Episode 13 - HTTP filtering on the ASA
Show notes:
Link to page with http packet captures referenced in the podcast episode.
HTTP RFC
Link to 'inspect http' online documentation:
Sample ASA MPF showing blocking of www.facebook.com:
---------------
regex fbhostregex “[Ff][Aa][Cc][Ee][Bb][Oo][Oo][Kk]\.[Cc][Oo][Mm]”
class-map type inspect http match-any block-url-class
match request header host regex fbhostregex
policy-map type inspect http block-url-policy
parameters
class block-url-class
drop-connection log
policy-map global_policy
class inspection_default
inspect http block-url-policy
service-policy global_policy global
---------------