Configuring Match Objects

This section describes match objects and includes procedures for searching match objects and for adding, editing, or deleting a match object on the Firewall > Match Objects page. A limited number of match objects are allowed, depending on the appliance model.

See the following sections for configuration steps and information:

•	Searching Match Objects

•	Adding or Editing Match Objects

•	Adding Application List Objects

•	Sorting Match Objects

•	Deleting Match Objects

•	Match Object Type Reference

Match objects represent the set of conditions which must be matched in order for actions to take place. This includes the object type, the match type (exact, partial, prefix, or suffix), the input representation (text or hexadecimal), and the actual content to match.

Hexadecimal input representation is used to match binary content such as executable files, while text input representation is used to match things like file or email content. You can also use hexadecimal input representation for binary content found in a graphic image. Text input representation could be used to match the same graphic if it contains a certain string in one of its properties fields.

The maximum size for a match object is 8192 (8K) bytes. Match objects do not provide matching for regular expressions on appliances running SonicOS 5.8.1.x. You can use a proxy server for this functionality.

The File Content match object type provides a way to match a pattern or keyword within a compressed (zip/gzip) file. This type of match object can only be used with FTP Data Transfer, HTTP Server, or SMTP Client policies.

NOTE: The Firewall > Match Objects page might not contain values in all columns for some types of match objects, when those fields are not applicable to those particular match object types.