Identifying Traffic Using Inspection Rules
Until this point, we have discussed generic CBAC inspection rules. However, to apply CBAC rules to an interface, you must create a named inspection rule. The named inspection rules are required if you want to inspect a particular application or protocol. Remember, if you do not specify a specific application or protocol to be inspected, CBAC does not inspect that traffic. We discussed earlier which specific protocols CBAC can inspect in addition to TCP and UDP traffic.
The default for CBAC is that no inspection rules are defined.
The syntax to define an inspection rule is
Router(config)# ip inspect name ...