D-Link DFL-260E User Manual for DFL-260E - Page 321
Note: The hosts and networks blacklist is separate, 3.3. Static Content Filtering
View all D-Link DFL-260E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 321 highlights
6.3.3. Static Content Filtering Chapter 6. Security Mechanisms */*.gif www.example.com *example.com/* served by that site. Good. This will block all files with .gif as the file name extension. Bad. This will only block the first request to the web site. Surfing to www.example.com/index.html, for example, will not be blocked. Bad. This will also cause www.myexample.com to be blocked since it blocks all sites ending with example.com. Note: The hosts and networks blacklist is separate Web content filtering URL blacklisting is a separate concept from Section 6.7, "Blacklisting Hosts and Networks". Example 6.14. Setting up a white and blacklist This example shows the use of static content filtering where NetDefendOS can block or permit certain web pages based on blacklists and whitelists. As the usability of static content filtering will be illustrated, dynamic content filtering and active content handling will not be enabled in this example. In this small scenario a general surfing policy prevents users from downloading .exe-files. However, the D-Link website provides secure and necessary program files which should be allowed to download. Command-Line Interface Start by adding an HTTP ALG in order to filter HTTP traffic: gw-world:/> add ALG ALG_HTTP content_filtering Then create a HTTP ALG URL to set up a blacklist: gw-world:/> cc ALG ALG_HTTP content_filtering gw-world:/content_filtering> add ALG_HTTP_URL URL=*/*.exe Action=Blacklist Finally, make an exception from the blacklist by creating a specific whitelist: gw-world:/content_filtering> add ALG_HTTP_URL URL=www.D-Link.com/*.exe Action=Whitelist Web Interface Start by adding an HTTP ALG in order to filter HTTP traffic: 1. Go to: Objects > ALG > Add > HTTP ALG 2. Enter a suitable name for the ALG, for example content_filtering 3. Click OK Then create a HTTP ALG URL to setup a blacklist: 1. Go to: Objects > ALG 2. In the table, click on the recently created HTTP ALG to view its properties 3. Click the HTTP URL tab 321