Cisco Cisco ASR 5700
ACS Ruledef Configuration Mode Commands
▀ tcp payload
▄ Command Line Interface Reference, StarOS Release 17
1150
tcp payload
This command allows you to define rule expressions to match hexadecimal or ASCII string content in the payload
protocol-signature field of the TCP payload.
protocol-signature field of the TCP payload.
Product
ACS
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Ruledef Configuration
active-charging service service_name > ruledef ruledef_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-acs-ruledef)#
Syntax
[ no ] tcp payload starts-with { hex-signature hex_string | string-signature string }
no
If previously configured, deletes the specified rule expression from the current ruledef.
hex-signature hex_string
Specifies hexadecimal protocol signature in payload field.
hex_string
must be a dash-delimited list of hex data of size smaller than 32.
string-signature string
Specifies protocol signature in payload field.
string
must be an alphanumeric string of 1 through 32 characters.
Usage
Use this command to define rule expressions to match for Hex/ASCII string content in payload protocol-
signature field.
This rule expression is useful for detecting certain applications.
signature field.
This rule expression is useful for detecting certain applications.
Example
The following command defines a rule expression to identify user traffic based on TCP protocol signature
tcp1
:
tcp payload starts-with string-signature tcp1