Support User Manuals

HP (Hewlett-Packard) 700wl Series Switch User Manual

Open as PDF

of 388

Configuring Rights

Table 4-30. HTTP Proxy Filter Types

Filter Rule Type Description

• Allow Reg Accepts HTTP traffic to a destination specified as a regular expression that

evaluates to an address or address range

For example —(.*).domain.com“

• Deny IP Redirects HTTP traffic destined for a specified IP address

• Deny FQDN Redirects HTTP traffic destined for a specified fully-qualified domain name

For example, www.domain.com

• Deny Host Redirects HTTP traffic destined for a specified host name

For example, www or home

• Deny Net Redirects HTTP traffic destined for a specified network address (IP address and

subnet mask)

For example, 192.168.0.0/16

• Deny Reg Redirects HTTP traffic to a destination specified as a regular expression that

evaluates to an address or address range.

For example —(.*).domain.com“

• Allow All Accepts all HTTP traffic. This is the alternate catch all rule

The destination is always specified as —(.*)“.

• Deny All Redirects all HTTP traffic. This is the default catch all rule

The destination is always specified as —(.*)“.

Step 4.

In the Details field, enter a specification for the destination that will identify the traffic that should

be accepted or denied based on this rule. The description column of

Table 4-30 specifies the form

of the destination specifications for each filter rule type.

Step 5. To specify that the 700wl Series system should verify the destination name or address via DNS

before forwarding it to the proxy server, check the

Verify via DNS checkbox.

Note: The Verify via DNS option is a relatively costly processing operation. Therefore, it is

good practice to use it sparingly. You would typically use it with a Deny rule, especially a Deny

IP or Deny Net rule, to detect and prevent requests with spoofed DNS that could result in

access to restricted sites.

Step 6. Click Save to save this filter. If you have edited an existing filter, this replaces the original filter

with the modified filter definition.

To add the modified filter as a new HTTP Proxy filter, leaving the original filter unchanged, click

Save As Copy. The Save As Copy button is available only on the Edit Filter page.

After a

Save As Copy the same page remains displayed so you can make additional changes.

Click

Cancel to return to the previous page without making any further changes.

4-78 HP ProCurve Secure Access 700wl Series Management and Configuration Guide

previous next