Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

context (Application Identification)

 

Syntax

Hierarchy Level

[edit services application-identification application application-name over protocol-type signature name member name ]

Release Information

Statement introduced in Junos OS Release 15.1X49-D40.

Description

Specify context for matching application running over TCP, UDP, or Layer 7.

Application identification supports custom application signatures to detect applications as they pass through the device. You can create custom application signatures for applications based on ICMP, IP protocol, IP address, and Layer 7. While configuring custom application signatures, you must specify context values that the device can use to match patterns in the application traffic.

Options

contextSpecify the context type. For example, Following options are available in application signature package version 3284.
ftp-content-typeContent type of the transferred file.
ftp-file-nameFilename being transferred.
ftp-greeting-messageFirst line of the server banner.
ftp-load-wayFile transfer way—upload or download.
ftp-methodFTP command sent.
ftp-return-contentMessage of server's response.
http-filenameThe name of the file being fetched or posted. Extracted if content-disposition field has a filename.
http-get-url-parsed-param-parsedThe decoded, normalized GET URL in an HTTP request along with the decoded CGI parameters (if any).
http-header-content-type Content-type header in an HTTP transaction.
http-header-cookieCookie header in an HTTP transaction.
http-header-host Host header in an HTTP transaction.
http-header-user-agentUser-agent header in an HTTP transaction.
http-post-url-parsed-param-parsed Decoded, normalized POST URL in an HTTP request along with the decoded CGI parameters (if any).
http-post-variable-parsedDecoded POST URL or form data variables.
http-url-parsedDecoded, normalized URL in an HTTP request.
http-url-parsed-param-parsedDecoded, normalized URL in an HTTP request along with the decoded CGI parameters (if any).
imap-attach-filenameName of the file attached.
imap-attach-transfer-encodingEncoding of the attached content.
imap-attach-typeContent type of the sent attached file
imap-auth-typeUsed authentication type.
imap-content-languageLanguage of the message content.
imap-content-transfer-encodingThe encoding of the content
imap-content-typeContent type of the transferred file.
imap-greeting-messageGreeting message of the server
imap-methodCommand sent by the client.
imap-mime-versionVersion of the message body format standard used in the mail protocol.
imap-received-by-nameReceiving host name.
imap-received-from-nameSending host name.
smtp-attach-filenameAttachment file name.
smtp-attach-transfer-encodingEncoding of the attached content.
smtp-attach-typeContent type of the sent attached file.
smtp-content-languageLanguage of the message content.
smtp-content-transfer-encodingEncoding of the content
smtp-content-typeContent type of transferred file
smtp-greeting-messageGreeting message of the server
smtp-methodCommand sent by the client.
smtp-mime-versionVersion of the message body format standard.
smtp-received-by-nameName of the receiving host.
smtp-received-from-nameName of the sending host.
smtp-serverThe SMTP server name
ssl-common-nameDomain name in the certificate.
ssl-issuerCertificate Authority.
ssl-organization-nameOrganisation name in the certificate.
ssl-protocol-versionSSL/TLS protocol version chosen by the server.
ssl-server-nameServer name in TLS server name extension or SSL server certificate.
ssl-versionSSL major version in the handshake.
ssl-server-name Server name in the TLS server name extension or the SSL server certificate. This is also known as Server Name Indication (SNI).
stream TCP or UDP stream data.

Examples of context types with direction. When configuring custom application signatures, the context-direction combinations as mentioned in Table 1 is supported. Any other combination other than this is not supported.

Table 1: Supported Context-Direction Combination for Custom Application Signatures

Context

Direction

http-get-url-parsed-param-parsed

client-to-server

http-header-host

client-to-server

http-header-user-agent

client-to-server

http-post-url-parsed-param-parsed

client-to-server

http-post-variable-parsed

client-to-server

http-url-parsed

client-to-server

http-url-parsed-param-parsed

client-to-server

ssl-server-name

client-to-server

stream

any/client-to-server/server-to-client

http-header-content-type

any/client-to-server/server-to-client

http-header-cookie

any/client-to-server/server-to-client

Note

If you are planning to upgrade the device to Junos OS release 15.1X49-D60 from the previous versions of the Junos OS, you must change the configuration to the valid combination of context-direction as mentioned in Table 1 to avoid any commit failure and possible disabling of the secondary node.

Required Privilege Level

services—To view this statement in the configuration.

services-control—To add this statement to the configuration.