Allied Telesis AR300 series Network Router User Manual


 
22 Release Note
Software Release 2.3.1
C613-10325-00 REV B
Firewall HTTP Proxies and Firewall Policies
To add or delete a Firewall HTTP proxy, use the new HTTP option for the
PROXY parameter in the commands:
ADD FIREWALL POLICY=policy-name PROXY={HTTP|SMTP}
INTERFACE=interface GBLINTERFACE=interface DIRECTION={IN|
OUT|BOTH} [IP=ipadd] [DAYS=day-list] [AFTER=hh:mm]
[BEFORE=hh:mm]
DELETE FIREWALL POLICY=policy-name PROXY={HTTP|SMTP}
INTERFACE=interface GBLINTERFACE=interface DIRECTION={IN|
OUT|BOTH} [IP=ipadd]
The PROXY parameter specifies the application proxy that will be added to the
security policy. Available application proxies are described in Table 4.
HTTP Filters
To add to or delete from the HTTP filter for a firewall policy, use the
commands:
ADD FIREWALL POLICY=name HTTPFILTER=filename [DIRECTION={IN|
OUT}]
DELETE FIREWALL POLICY=name HTTPFILTER=filename
[DIRECTION={IN|OUT}]
where:
name is a character string, 1 to 15 characters in length. Valid characters are
letters (a-z, A-Z), digits (0-9) and the underscore character (“_”).
filename is the name of a file on the router.
These commands add or delete the contents of a HTTP filter file from the HTTP
filter of the specified firewall policy. The HTTP filter file contains a list of URLs,
keywords and cookie settings that are used to filter the traffic traversing the
HTTP proxy.
The POLICY parameter specifies the policy to which the HTTP filter file will be
added. It must already exist.
The HTTPFILTER parameter specifies the name of the HTTP filter file. The
filter file is a file type with a
.txt
extension containing zero or more single line
entries. The string
keywords:
must be placed at the beginning of the file and is
used to start the keyword section. Keywords can be placed on the same line if
they are separated by a space, or placed on separate lines. The URL section is
indicated by a
URLS:
keyword as the first word on the line. URL entries must
contain full domain, directory, and folder names. Only one domain is allowed
Table 4: Application Proxies.
Proxy Functions
HTTP Filtering of requested URLs.
Blocking/filtering of cookies.
SMTP Provides filtering of spam email from known spam sources.
Blocking of third party relay attacks.
Blocking of email smurf amp attacks.