apps enhanced asf
Use the apps enhanced asf command to configure the enhanced Application Session Filtering.
The apps enhanced asfcommand has the following syntax:
apps enhanced-asf
alias <name>
flow-session <outer | inner>
timeout <value in seconds>
max-sessions <max session entries>
rule add
transport <tcp | udp>
app <application protocol>
field <application field>
match-pattern <regex profile alias>
action <pass | drop>
rule delete <rule-id>
exit
The following table describes the arguments for the apps exportercommand:
Argument |
Description |
|||||||||
alias <name> |
Specifies the enhanced Application Session Filtering alias. Supports a maximum of 5 alias. |
|||||||||
flow-session <outer | inner> |
Inspect the location of the application (SSL/gQUIC/HTTP). Outer refers to the application protocol present right after first IP/L4 port. Inner refers to the application present after second (encapsulated) IP/L4 port. |
|||||||||
timeout <value in seconds> |
Specifies the session inactive time out. The value ranges from 10 to 300. The default value is 30 seconds. |
|||||||||
max-sessions |
Specifies the maximum number of session entries. The value ranges from 4 million to 10 million. The default value is 4 million |
|||||||||
rule add |
Configures the Filtering rule |
|||||||||
transport <tcp | udp> |
Specifies the either of the layer 4 protocol:
|
|||||||||
app <application protocol> |
Specifies the following application protocol:
Note: IETF QUIC is not supported. |
|||||||||
field <application field> |
Specifies the application field:
|
|||||||||
match pattern <regrex alias name> |
Specifies regrex pattern profile alias name. |
|||||||||
action <pass | drop> |
Forward or drops packets according to the match session. |
|||||||||
rule delete <rule-id> |
Deletes a configured rule. |
Related Commands
The following table summarizes other commands related to the apps enhanced asfcommand:
Task |
Command |
Enables Enhanced Application Session Filteringfeature. |
gsop alias <gsop alias> |