The table below describes the supported match object types and their associated match types.
| Object Type | Description | Match Types | Negative Matching | Extra Properties |
|---|---|---|---|---|
| ActiveX ClassID | Class ID of an Active-X component. For example, ClassID of Gator Active-X component is c1fb8842-5281-45ce-a271-8fd5f117ba5f | Exact | No | None |
| Custom Object | Allows specification of an IPS-style custom set of conditions | Exact | No | There are 4 additional, optional parameters that can be set: offset (describes from what byte in packet payload we should start matching the pattern – starts with 1; helps minimize false positives in matching), depth (describes at what byte in the packet payload we should stop matching the pattern – starts with 1), minimum payload size and maximum payload size. |
| Email Body | Any content in the body of an email | Partial | No | None |
| Email CC | Any content in the CC MIME Header | Exact, Partial, Prefix, Suffix | Yes | None |
| Email From | Any content in the From MIME Header | Exact, Partial, Prefix, Suffix | Yes | None |
| Email Size | Allows specification of the maximum email size that can be sent | N/A | No | None |
| Email Subject | Any content in the Subject MIME Header | Exact, Partial, Prefix, Suffix | Yes | None |
| Email To | Any content in the To MIME Header | Exact, Partial, Prefix, Suffix | Yes | None |
| File Content | Allows specification of a pattern to match in the content of a file. The pattern will be matched even if the file is compressed. Provides a way to match a pattern or keyword within a file. This type of match object can only be used with FTP Data Transfer, HTTP Server, or SMTP Client policies. | Partial | No | Disable attachment action should never be applied to this object. |
| File Extension | | Exact | Yes | None |
| File Name | | Exact, Partial, Prefix, Suffix | Yes | None |
| FTP Command | Allows selection of specific FTP commands | N/A | No | None |
| FTP Command + Value | Allows selection of specific FTP commands and their values | Exact, Partial, Prefix, Suffix | Yes | None |
| HTTP Cookie | Allows specification of a Cookie sent by a browser | Exact, Partial, Prefix, Suffix | Yes | None |
| MIME Custom Header | Allows for creation of MIME custom headers | Exact, Partial, Prefix, Suffix | Yes | A Custom header name needs to be specified. |
| HTTP Host | Content found inside of the HTTP Host header. Represents host name of the destination server in the HTTP request, such as www.google.com. | Exact, Partial, Prefix, Suffix | Yes | None |
| HTTP Referrer | Allows specification of content of a Referrer header sent by a browser – this can be useful to control or keep stats of which Web sites redirected a user to customer’s Web site. | Exact, Partial, Prefix, Suffix | Yes | None |
| HTTP Request Custom Header | Allows handling of custom HTTP Request headers. | Exact, Partial, Prefix, Suffix | Yes | A Custom header name needs to be specified. |
| HTTP Response Custom Header | Allows handling of custom HTTP Response headers. | Exact, Partial, Prefix, Suffix | Yes | A Custom header name needs to be specified. |
| HTTP Set Cookie | Set-Cookie headers. Provides a way to disallow certain cookies to be set in a browser. | Exact, Partial, Prefix, Suffix | Yes | None |
| HTTP URI Content | Any content found inside of the URI in the HTTP request. | Exact, Partial, Prefix, Suffix | No | None |
| HTTP URL | Any HTTP URL that needs to be matched. | Exact, Partial, Prefix, Suffix | No | None |
| HTTP User Agent | Any content inside of a User-Agent header. For example: User-Agent: Skype. | Exact, Partial, Prefix, Suffix | Yes | None |
| Web Browser | Allows selection of specific Web browsers (MSIE, Netscape, Firefox, Safari, Chrome). | N/A | Yes | None |
| IPS Signature Category List | Available only in Classic Mode. Allows selection of one or more IPS signature groups. Each group contains multiple pre-defined IPS signatures. | N/A | No | None |
| IPS Signature List | Available only in Classic Mode. Allows selection of one or more specific IPS signatures for enhanced granularity. | N/A | No | None |
| Application Category List | Available only in Classic Mode. Allows specification of application categories, such as Multimedia, P2P, or Social Networking | N/A | No | None |
| Application List | Available only in Classic Mode. Allows specification of individual applications within the application category that you select | N/A | No | None |
| Application Signature List | Available only in Classic Mode. Allows specification of individual signatures for the application and category that you select | N/A | No | None |
| Log Email User | Log SMTP E-mail users | N/A | No | None |
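
The Custom Object row's four optional parameters can be modelled as follows to see how offset and depth cut false positives. This is an added example, not the product's own code: the `CustomObject` class, the sample payloads, and the assumption that the whole pattern must lie between the offset and depth bytes (both counted from 1, depth inclusive) are illustrative.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample payloads (not captured traffic).
FTP_LOGIN = b"USER admin\r\n"                     # pattern sits at bytes 1-4
HTTP_REQ = b"GET /help?topic=USER HTTP/1.1\r\n"   # same bytes appear at 17-20


@dataclass
class CustomObject:
    """Hypothetical model of a Custom Object: pattern plus optional limits."""
    pattern: bytes
    offset: Optional[int] = None        # 1-based byte where matching starts
    depth: Optional[int] = None         # 1-based byte where matching stops
    min_payload: Optional[int] = None   # minimum payload size in bytes
    max_payload: Optional[int] = None   # maximum payload size in bytes

    def __post_init__(self) -> None:
        for name in ("offset", "depth"):
            value = getattr(self, name)
            if value is not None and value < 1:
                raise ValueError(f"{name} starts with 1, got {value}")
        if self.offset and self.depth and self.depth < self.offset:
            raise ValueError("depth must not come before offset")

    def matches(self, payload: bytes) -> bool:
        size = len(payload)
        # Payload size limits are checked before any pattern search.
        if self.min_payload is not None and size < self.min_payload:
            return False
        if self.max_payload is not None and size > self.max_payload:
            return False
        start = (self.offset or 1) - 1                  # to 0-based index
        stop = size if self.depth is None else min(self.depth, size)
        # Assumption: the pattern must fit entirely inside offset..depth.
        return payload.find(self.pattern, start, stop) != -1


def compare() -> dict:
    """Same pattern, with and without a positional window."""
    loose = CustomObject(b"USER")
    anchored = CustomObject(b"USER", offset=1, depth=4)
    return {
        "loose": (loose.matches(FTP_LOGIN), loose.matches(HTTP_REQ)),
        "anchored": (anchored.matches(FTP_LOGIN), anchored.matches(HTTP_REQ)),
    }
```

The unanchored object matches both payloads, while the anchored one ignores the HTTP request where the same bytes appear later in the payload.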