Configure Application-Layer
Protocol Inspection
Router(config)# ip inspect name
inspection-name protocol [timeout seconds]
Router(config)# ip inspect name inspection-name rpc
program-number number [wait-time minutes] [timeout
seconds]
Configure Java Inspection
Router(config)# access-list
access-list-number {deny | permit}source
[source-wildcard]
Router(config)# ip inspect name inspection-name http
[java-list access-list] [timeout seconds]
Configure Generic TCP and UDP
Inspection
Router(config)# ip inspect name
inspection-name tcp [timeout seconds]
Router(config)# ip inspect name inspection-name udp
[timeout seconds]
Apply the Inspection Rule
to an Interface
Router(config-if)#ip inspect
inspection-name {in | out}
Display Configuration,
Status, and Statistics for Context-Based Access Control
Router#show ip inspect name
inspection-name
Router#show ip inspect config
Router#show ip inspect interfaces
Router#show ip inspect session [detail]
Router#show ip inspect all
Debug Context-Based Access
Control
Router(config)#ip inspect audit trail
Generic Debug Commands
Router#debug ip inspect function-trace
Router#debug ip inspect object-creation
Router#debug ip inspect object-deletion
Router#debug ip inspect events
Router#debug ip inspect timers
Router#debug ip inspect detail
Router#debug ip inspect protocol