Figure 49. Example Rule Chain – Blocking Bad Logins
Example – Positive Security Model: Blocking a Form Submission with Unwanted Parameters
This rule chain blocks a form submission if the form has a request parameter other than formId or if the value
of formId contains more than 4 digits. To accomplish this, you would need two rule chains:
1
The first rule chain contains two rules:
•
The first rule identifies the URL where the form is submitted.
•
The second rule checks if Parameter Names does not match the name of the valid parameter,
formId. It uses the Equals String operator with the Not inversion check box selected.
2
The second rule chain contains two rules:
•
The first rule identifies the URL where the form is submitted.
•
The second rule checks if the value contained by the Parameter Value: formId variable matches
the regular expression ^\d{1,4}$ which matches anything that consists of 1 to 4 digits. The Not
inversion check box is selected to change the rule to match anything that does not consist of 1 to
4 digits.
Example – Negative Security Model: Blocking Malicious Input to a Form
To block malicious input to a form, you would create a rule chain containing the following two rules:
1
The first rule identifies the URL for the form.
Dell SonicWALL Secure Mobile Access 8.5
Administration Guide
306