D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: fernando.w on April 15, 2010, 11:04:16 AM
-
Hello,
As we know the DFL-800 permits to create ALGs with blacklists/whitelists to handle the permissions of Internet access (IP rules). But it is possible to create a blacklist based in words to use in ip rules?
Best Regards,
-
You mean as part of a URL or what?
If you mean as part of a URL then just create a blacklist for *verboten* where verboten is the forbidden word.
I don't think I am understanding your difficulty fully, please be more verbose.
-
Hello Fatman,
I'm deploying a project to substitutes a Linux Firewall/VPN/Proxy solution that uses the Squid software to make web access restrictions. One of the the funcionalities of the Squid is to use a word-based blacklist to block web pages.
I did some tests with your suggestion and I think that it will work fine.
But if I to need to add more words to this blacklist, it can be do through a script?
There is some document that shows how build scripts for tasks automation?
Best regards,
-
set ALG_HTTP http-outbound
cc ALG_HTTP http-outbound
add ALG_HTTP_URL Index=1 URL=*odnolkassniki.ru/* -silent
-
Thanks for answer danilovav! I Will test my environment with your tip and then report here.
Best regards,
-
I have a DFL-210 set up in my school. My school has a policy to block certain keywords. facebook being one of them.
So, I programmed the router to do so using the http-outbound ALG setting keyword.
My students have found an interesting way around it.
When they type http://www.facebook.com they get the "Forbidden" page.
When they type https://www.facebook.com they get facebook!
I've tried applying the ALG to https service, but it doesn't work.
What do I do to apply my keywords list to secure websites?
-Graham
-
You can't filter the URL inside a HTTPS packet as it is encrypted using SSL. You will need an HTTPS proxy doing some man in the middle tricks to get inside SSL to my knowledge.