29-7
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 29 Configuring Filtering Services
Filtering URLs and FTP Requests with an External Server
–
Enter a hostname.
–
Enter an IP address and optional network mask. You can express the netmask in CIDR or dotted
decimal notation. For example, you can enter 10.1.1.0/24 or 10.1.1.0/255.255.255.0.
–
Click the ellipses to display the Browse Source dialog box. Choose a host or address from the
drop-down list.
• Enter the destination of the traffic to which the filtering action applies. To enter the source, choose
from the following options:
–
Enter any to indicate any destination address.
–
Enter a hostname.
–
Enter an IP address and optional network mask. You can express the netmask in CIDR or dotted
decimal notation. For example, you can enter 10.1.1.0/24 or 10.1.1.0/255.255.255.0.
–
Click the ellipses to display the Browse Destination dialog box. Choose a host or address from
the drop-down list.
• Identify the service of the traffic to which the filtering action applies. To identify the service, enter
one of the following:
–
tcp/port—The port number can range from 1 to 65535. Additionally, you can use the following
modifiers with the TCP service:
!=—Not equal to. For example, !=tcp/443.
<—Less than. For example, <tcp/2000.
>—Greater than. For example, >tcp/2000.
- —Range. For example, tcp/2000-3000.
–
Enter a well-known service name, such as HTTP or FTP.
–
Click the ellipses to display the Browse Service dialog box. Choose a service from the
drop-down list.
• Click OK to close this dialog box.
• Click Apply to save your changes.
Step 4 If you chose Add Filter Java Rule, specify the following settings:
• Click one of the following radio buttons: Filter Java or Do not filter Java.
• Enter the source of the traffic to which the filtering action applies. To enter the source, choose from
the following options:
–
Enter any to indicate any source address.
–
Enter a hostname.
–
Enter an IP address and optional network mask. You can express the netmask in CIDR or dotted
decimal notation. For example, you can enter 10.1.1.0/24 or 10.1.1.0/255.255.255.0.
–
Click the ellipses to display the Browse Source dialog box. Choose a host or address from the
drop-down list.
• Enter the destination of the traffic to which the filtering action applies. To enter the source, choose
from the following options:
–
Enter any to indicate any destination address.
–
Enter a hostname.