Skip Links

Network World

Brandon Carroll

Testing Regular Expressions

By brandon on Sun, 04/13/08 - 12:16pm.

When using the MPF you can use regular expressions to add functionality. You see this in application policies that let you filter file names and such. I came up with the idea for this post after I read a post on lifehacker that talked about a website that can test regular expressions. That site is here.

I thought I'd show how to test regular expressions on an ASA using the CLI. Well here it goes.

Lets say you want to match a file name, something like reallybad.jpg. You could write a regular expression like this:

"reallybad.jpg"

That would work but thats the only file name that could be matched. You could make it more broad with some special regular expression characters. For example

".+\.jpg" could match any jpeg. Here is how it works:

the . means that you want to match a single character. It doesnt matter what it is, just that there is a character there. The + means that you want to match one or more of the previous characters. So, .+ would match any number of characters as long as there is at least 1 character. Therefore "r" would match the expression .+ and so would "reallybad"

The \ Character tells the regular expression system that the very next character doesn't have any special meaning, and that we just want to look for what the character is. So in the abover regular expressions ".+\." we are looking for any number if characters followed by a "."

Therefore "reallybad." would match and so would "reallygood." and "r."

The rest of the regular expression matched the extension jpg.

Not something most us us do every day so if you need to learn more about regular expression you can look at the Cisco documentation for the ASA in the MPF chapter.

But now to the testing part, which is really what this post is about. From the CLI you can test a regex before you impliment it like this:

First test the reallybad.jpg to our regular expression:

asa1(config)# test regex reallybad.jpg ".+\.jpg"

INFO: Regular expression match succeeded.

As you can tell it was a success. Next test the reallygood.jpg:

asa1(config)# test regex reallygood.jpg ".+\.jpg"

INFO: Regular expression match succeeded.

Again we have a match. Now for just the letter "r" .jpg:

asa1(config)# test regex r.jpg ".+\.jpg"

INFO: Regular expression match succeeded.

Good to go. And finally lets test a .gif:

asa1(config)# test regex reallybad.gif ".+\.jpg"

INFO: Regular expression match failed.

asa1(config)#

An we can see, it did not work!

Well I hope this helps. Thanks for reading.

About Cisco Unwired

Brandon Carroll, CCIE # 23837, is a certified Cisco Systems Instructor working for Ascolta Training, based out of the Irvine, Ca. Training Center. He is published by Cisco Press/Pearson Education in the area of network security and wireless.

Brandon maintains a personal blog at GlobalConfig.net as well as a company blog at Ascolta

His most recent book is theCCNA Wireless Official Exam Certification Guide, however a new AAA Identity Management book is soon to be published, available now as a http://www.ciscopress.com/bookstore/product.asp?isbn=1587141558.

This blog is part of the Cisco Subnet blogging community.

 

Most Discussed Posts

Blog Roll
Ascolta's Cisco Study Blog
http://blog.ascolta.com
GlobalConfig.net
http://globalconfig.net
Etherealmind.com
http://etherealmind.com
PacketPushers
http://packetpushers.net
IOS Hints
http://blog.ioshints.info