Pattern sets and data sets 编辑
Policy expressions for string matching operations on a large set of string patterns tend to become long and complex. Resources consumed by the evaluation of such complex expressions are significant in terms of processing cycles, memory, and configuration size. You can create simpler, less resource-intensive expressions by using pattern matching.
Depending on the type of patterns that you want to match, you can use one of the following features to implement pattern matching:
- A pattern set is an array of indexed patterns used for string matching during default syntax policy evaluation. Example of a pattern set: image types {svg, bmp, PNG, GIF, tiff, jpg}.
- A data set is a specialized form of pattern set. It is an array of patterns of types number (integer), IPv4 address, or IPv6 address.
The difference between a patset
and a dataset
is that in a dataset
we compare the boundary condition. For example, if the input string is 1.1.1.11 and supposes that the 1.1.1.1 pattern is bound to a patset
and a dataset
of IPv4 type, then a patset
and dataset is configured to check whether the IP address is present in the request. After evaluation, patset
returns that the 1.1.1.1 is present in the input, but dataset
evaluation is false. This is because of a boundary check-in which the IP address is not been part of some other IP address. It means, after the bound pattern there must not be any integer.
Often, you can use either pattern sets or data sets. However, in cases where you want specific matches for numerical data or IPv4 and IPv6 addresses, you must use data sets.
Note:
Pattern sets and data sets can be used only in default syntax policies.
To use pattern sets or data sets, first create the pattern set or data set and bind patterns to it. Then, when you configure a policy for comparing a string in a packet, use an appropriate operator and pass the name of the pattern set or data set as an argument.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论