Table of Contents
Advertisement
standalone webfilter like www.webfilter.com; it does not match website addresses like
www.webfilter-china.com.
A filtering entry with neither "^" at the beginning nor "$" at the end indicates a fuzzy match, and
•
matches website addresses containing the keyword.
If "*" is present at the beginning of a filtering entry, it must be present in the format like *.xxx, where
•
xxx represents a keyword, for example, *.com or *.webfilter.com.
A filtering entry with only numerals is invalid. To filter a website address like www.123.com, you can
•
define a filtering entry like ^123$, www.123.com, or 123.com, instead of 123. In other words, use
exact match to filter numeral website addresses.
Description
Use the firewall http url-filter host url-address command to add a URL address filtering entry and set the
filtering action.
Use the undo firewall http url-filter host url-address command to remove one or all URL address filtering
entries.
The firewall supports a maximum of 256 URL address filtering entries.
You can change the filtering action for an existing filtering entry, for example, from deny to permit.
Related commands: display firewall http url-filter host.
Examples
# Add filtering entry ^china& to the URL address filtering entry list and set the filtering action to permit.
<Sysname> system-view
[Sysname] firewall http url-filter host url-address permit ^china&
firewall http url-filter parameter
Syntax
firewall http url-filter parameter { default | keywords keywords }
undo firewall http url-filter parameter [ default | keywords keywords ]
View
System view
Default level
2: System level
Parameters
default: Specifies to use the default parameter filtering entries, including: ^select$, ^insert$, ^update$,
^delete$, ^drop$, --, ', ^exec$, and %27.
keywords keywords: Specifies to use a user-defined parameter filtering entry. The keywords argument is
a case-insensitive string of 1 to 80 characters. Valid characters include numerals, English letters,
wildcards ('^', '$', '&' and '*'), and other ASCII characters with values in the range 31 to 127.A filtering
entry can be a string with spaces, but such an entry must be present in quotes, for example, "select all".
One space in a filtering entry can match multiple consecutive spaces in a URL parameter of an HTTP
request. For meanings of the wildcards, see
Table
7.
16
Advertisement
Table of Contents
Need help?
Do you have a question about the SecPath Series and is the answer not in the manual?