Cisco Cisco ACE Application Control Engine Module
7
Release Note for the Cisco Application Control Engine Module
OL-22471-01
New Software Features in Version A2(2.1)
“\xST” Metacharacter Regex Usage Considerations
The new “\xST” metacharacter has the following usage guidelines related to its inclusion in regex
matching:
matching:
•
If the input matches a regex pattern that includes the “\xST” metacharacter, the regex engine will
halt upon finding the character directly next to the '\xST' in the regex string (2nd '\x01' in the match
statement).
halt upon finding the character directly next to the '\xST' in the regex string (2nd '\x01' in the match
statement).
•
No additional input data will be considered by the ACE once the matching pattern is seen which may
affect other regexes that are configured elsewhere in the policy. In this case, the “\xST”
metacharacter should be used only once in the policy.
affect other regexes that are configured elsewhere in the policy. In this case, the “\xST”
metacharacter should be used only once in the policy.
•
The “\xST” metacharacter should only be used at the end of a regex pattern and not at the beginning.
In this case, the ACE will display the “Error: Invalid regular expression” error message.
In this case, the ACE will display the “Error: Invalid regular expression” error message.
•
The “\xST” metacharacter should not be added directly after a * wildcard match. For example,
“abc.*\xST” would not be a recommended regex.
“abc.*\xST” would not be a recommended regex.
Configuration Examples
The following configuration examples show the use of the “\xST” metacharacter in two very specific
regexes:
regexes:
SSL session-ID Stickiness Configuration Example
parameter-map type generic SESSID-PARAM
set max-parse-length 76
sticky layer4-payload SESSID-STICKY
serverfarm SF1
response sticky
layer4-payload offset 43 length 32 begin-pattern "(\x20|\x00\xST)"
FIX Protocol Configuration Example
sticky layer4-payload FIX-STICKY
serverfarm FIX-SF1
layer4-payload begin-pattern "\x0149=" end-pattern "\x01"
class-map type generic match-all FIX-CM
2 match layer4-payload regex ".*\x0110=...\x01\xST"