Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

context (Application Identification)

Syntax

Hierarchy Level

[edit services application-identification application application-name over protocol-type signature name member name ]

Description

Specify context for matching application running over TCP, UDP, or Layer 7.

Application identification supports custom application signatures to detect applications as they pass through the device. You can create custom application signatures for applications based on ICMP, IP protocol, IP address, and Layer 7. While configuring custom application signatures, you must specify context values that the device can use to match patterns in the application traffic.

Options

context

Specify the context type. For example, Following options are available in application signature package version 3284.

ftp-content-type

Content type of the transferred file.

ftp-file-name

Filename being transferred.

ftp-greeting-message

First line of the server banner.

ftp-load-way

File transfer way—upload or download.

ftp-method

FTP command sent.

ftp-return-content

Message of server's response.

http-filename

The name of the file being fetched or posted. Extracted if content-disposition field has a filename.

http-get-url-parsed-param-parsed

The decoded, normalized GET URL in an HTTP request along with the decoded CGI parameters (if any).

http-header-content-type

Content-type header in an HTTP transaction.

http-header-cookie

Cookie header in an HTTP transaction.

http-header-host

Host header in an HTTP transaction.

http-header-user-agent

User-agent header in an HTTP transaction.

http-post-url-parsed-param-parsed

Decoded, normalized POST URL in an HTTP request along with the decoded CGI parameters (if any).

http-post-variable-parsed

Decoded POST URL or form data variables.

http-url-parsed

Decoded, normalized URL in an HTTP request.

http-url-parsed-param-parsed

Decoded, normalized URL in an HTTP request along with the decoded CGI parameters (if any).

imap-attach-filename

Name of the file attached.

imap-attach-transfer-encoding

Encoding of the attached content.

imap-attach-type

Content type of the sent attached file

imap-auth-type

Used authentication type.

imap-content-language

Language of the message content.

imap-content-transfer-encoding

The encoding of the content

imap-content-type

Content type of the transferred file.

imap-greeting-message

Greeting message of the server

imap-method

Command sent by the client.

imap-mime-version

Version of the message body format standard used in the mail protocol.

imap-received-by-name

Receiving host name.

imap-received-from-name

Sending host name.

smtp-attach-filename

Attachment file name.

smtp-attach-transfer-encoding

Encoding of the attached content.

smtp-attach-type

Content type of the sent attached file.

smtp-content-language

Language of the message content.

smtp-content-transfer-encoding

Encoding of the content

smtp-content-type

Content type of transferred file

smtp-greeting-message

Greeting message of the server

smtp-method

Command sent by the client.

smtp-mime-version

Version of the message body format standard.

smtp-received-by-name

Name of the receiving host.

smtp-received-from-name

Name of the sending host.

smtp-server

The SMTP server name

ssl-common-name

Domain name in the certificate.

ssl-issuer

Certificate Authority.

ssl-organization-name

Organisation name in the certificate.

ssl-protocol-version

SSL/TLS protocol version chosen by the server.

ssl-server-name

Server name in TLS server name extension or SSL server certificate.

ssl-version

SSL major version in the handshake.

ssl-server-name

Server name in the TLS server name extension or the SSL server certificate. This is also known as Server Name Indication (SNI).

stream

TCP or UDP stream data.

Examples of context types with direction. When configuring custom application signatures, the context-direction combinations as mentioned in Table 1 is supported. Any other combination other than this is not supported.

Table 1: Supported Context-Direction Combination for Custom Application Signatures

Context

Direction

http-get-url-parsed-param-parsed

client-to-server

http-header-host

client-to-server

http-header-user-agent

client-to-server

http-post-url-parsed-param-parsed

client-to-server

http-post-variable-parsed

client-to-server

http-url-parsed

client-to-server

http-url-parsed-param-parsed

client-to-server

ssl-server-name

client-to-server

stream

any/client-to-server/server-to-client

http-header-content-type

any/client-to-server/server-to-client

http-header-cookie

any/client-to-server/server-to-client

Note:

If you are planning to upgrade the device to Junos OS release 15.1X49-D60 from the previous versions of the Junos OS, you must change the configuration to the valid combination of context-direction as mentioned in Table 1 to avoid any commit failure and possible disabling of the secondary node.

Required Privilege Level

services—To view this statement in the configuration.

services-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 15.1X49-D40.