Cisco Cisco Web Security Appliance S380 Guía Del Usuario
9-25
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 9 Classify URLs for Policy Application
Regular Expressions
Note
Technically, AsyncOS for Web uses the Flex regular expression analyzer. For more detailed information
about how it reads regular expressions, see http://flex.sourceforge.net/manual/Patterns.html.
about how it reads regular expressions, see http://flex.sourceforge.net/manual/Patterns.html.
You can use regular expressions in the following locations:
•
Custom URL categories for Access Policies. When you create a custom URL category to use with
Access Policy groups, you can use regular expressions to specify multiple web servers that match
the pattern you enter.
Access Policy groups, you can use regular expressions to specify multiple web servers that match
the pattern you enter.
•
Custom user agents to block. When you edit the applications to block for an Access Policy group,
you can use regular expressions to enter specific user agents to block.
you can use regular expressions to enter specific user agents to block.
Note
Regular expressions that perform extensive character matching consume resources and can affect system
performance. For this reason, regular expressions should be cautiously applied.
performance. For this reason, regular expressions should be cautiously applied.
Related Topics
•
•
Policy: Protocols and User Agents, page 9-13
Forming Regular Expressions
Regular expressions are rules that typically use the word “matches” in the expressions. They can be
applied to match specific URL destinations or web servers. For example, the following regular
expression matches any pattern containing “
applied to match specific URL destinations or web servers. For example, the following regular
expression matches any pattern containing “
blocksite.com
”:
\.blocksite\.com
Consider the following regular expression example:
server[0-9]\.example\.com
In this example,
server[0-9]
matches
server0
,
server1
,
server2
, ...,
server9
in the domain
example.com
.
In the following example, the regular expression matches files ending in
.exe
,
.zip
, and .
bin
in the
downloads
directory.
/downloads/.*\.(exe|zip|bin)
Note
You must enclose regular expressions that contain blank spaces or non-alphanumeric characters in
ASCII quotation marks.
ASCII quotation marks.
Guidelines for Avoiding Validation Failures
Important: Regular expressions that return more that 63 characters will fail and produce an
invalid-entry error. Please be sure to form regular expressions that do not have the potential to
return more than 63 characters.
invalid-entry error. Please be sure to form regular expressions that do not have the potential to
return more than 63 characters.
Follow these guidelines to minimize validation failures: