The Http Alg - D-Link DFL-1660 User Manual
Network security firewall
Hide thumbs
Also See for DFL-1660:
- User manual (483 pages) ,
- Installation manual (45 pages) ,
- Reference manual (948 pages)
Table of Contents
Advertisement
6.2.2. The HTTP ALG
Maximum Connection Sessions
The service associated with an ALG has a configurable parameter associated with it called Max
Sessions and the default value varies according to the type of ALG. For instance, the default value
for the HTTP ALG is 1000. This means that a 1000 connections are allowed in total for the HTTP
service across all interfaces. The full list of default maximum session values are:
•
HTTP ALG - 1000 sessions.
•
FTP ALG - 200 sessions.
•
TFTP ALG - 200 sessions.
•
SMTP ALG - 200 sessions.
•
POP3 ALG - 200 sessions.
•
H.323 ALG - 100 sessions.
•
SIP ALG - 200 sessions.
6.2.2. The HTTP ALG
Hyper Text Transfer Protocol (HTTP) is the primary protocol used to access the World Wide Web
(WWW). It is a connectionless, stateless, application layer protocol based on a request/response
architecture. A client, such as a Web browser, sends a request by establishing a TCP/IP connection
to a known port (usually port 80) on a remote server. The server answers with a response string,
followed by a message of its own. That message might be, for example, an HTML file to be shown
in the Web browser or an ActiveX component to be executed on the client, or perhaps an error
message.
The HTTP protocol has particular issues associated with it because of the wide variety of web sites
that exist and because of the range of file types that can be downloaded using the protocol.
HTTP ALG Features
The HTTP ALG is an extensive NetDefendOS subsystem consisting of the options described below:
•
Static Content Filtering - This deals with Blacklisting and Whitelisting of specific URLs.
1.
URL Blacklisting
Specific URLs can be blacklisted so that they are not accessible. Wildcarding can be used
when specifying URLs, as described below.
2.
URL Whitelisting
The opposite to blacklisting, this makes sure certain URLs are always allowed.
Wildcarding can also be used for these URLs, as described below.
It is important to note that whitelisting a URL means that it cannot be blacklisted and it also
Tip: Maximum sessions for HTTP can sometimes be too low
This default value of the maximum sessions can often be too low for HTTP if there are
large number of clients connecting through the NetDefend Firewall and it is therefore
recommended to consider using a higher value in such circumstances.
273
Chapter 6. Security Mechanisms
- Quick Links:
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
