Fortinet FortiGate FortiGate-60 Administration Manual page 230
Antivirus firewalls version 2.80 mr6
Hide thumbs
Also See for FortiGate FortiGate-60:
- Install manual (64 pages) ,
- Quick start manual (2 pages) ,
- Administration manual (458 pages)
Table of Contents
Advertisement
Protection profile
230
firewall profile command keywords and variables (Continued)
Keywords and
variables
http
{bannedword block
catblock
chunkedbypass
content_log
oversize
quarantine scan
scriptfilter
urlblock
urlexempt}
smtp
{bannedword block
content_log
fragmail oversize
quarantine
scan spamemailbwl
spamhdrcheck
spamhelodns
spamipbwl
spamraddrdns
spamrbl
splice}
01-28006-0002-20041105
Description
Select the actions that this profile will
use for filtering HTTP traffic for a
policy.
Enter chunkedbypass to allow web
sites that use chunked encoding for
HTTP to bypass the firewall. Chunked
encoding means the HTTP message
body is altered to allow it to be
transferred in a series of chunks. Use
this feature at your own risk. Malicious
content could enter your network if you
allow web content to bypass the
firewall.
Enter all the actions you want this
profile to use. Use a space to separate
the options you enter. If you want to
remove an option from the list or add
an option to the list, you must retype
the list with the option removed or
added.
Select the actions that this profile will
use for filtering SMTP traffic for a
policy.
Entering splice enables the
FortiGate unit to simultaneously scan
an email and send it to the SMTP
server. If the FortiGate unit detects a
virus, it terminates the server
connection and returns an error
message to the sender, listing the virus
name and infected filename. In this
mode, the SMTP server is not able to
deliver the email if it was sent with an
infected attachment. Throughput is
higher when splice is enabled. When
splice is disabled, the FortiGate unit
scans the email first. If the FortiGate
unit detects a virus, it removes the
infected attachment, adds a
customizable message, and sends the
email to the SMTP server for delivery.
Selecting enable for the splice
keyword returns an error message to
the sender if an attachment is infected.
The receiver does not receive the
email or the attachment. When splice
is disabled for SMTP, infected
attachments are removed and the
email is forwarded (without the
attachment) to the SMTP server for
delivery to the recipient.
Enter all the actions you want this
profile to use. Use a space to separate
the options you enter. If you want to
remove an option from the list or add
an option to the list, you must retype
the list with the option removed or
added.
Firewall
Default
Availability
No default. All models.
fragmail All models.
Fortinet Inc.
Hide quick links:
Advertisement
Table of Contents
