Setting up a white and blacklist – D-Link DFL-2500 User Manual
Page 171
Note
Web content filtering URL blacklisting is a separate concept from Section 6.7,
“Blacklisting Hosts and Networks”.
Example 6.14. Setting up a white and blacklist
This example shows the use of static content filtering where NetDefendOS can block or permit certain web pages
based on blacklists and whitelists. As the usability of static content filtering will be illustrated, dynamic content
filtering and active content handling will not be enabled in this example.
In this small scenario a general surfing policy prevents users from downloading .exe-files. However, the D-Link
website provides secure and necessary program files which should be allowed to download.
CLI
Start by adding an HTTP ALG in order to filter HTTP traffic:
gw-world:/> add ALG ALG_HTTP content_filtering
Then create a HTTP ALG URL to set up a blacklist:
gw-world:/> cc ALG ALG_HTTP content_filtering
gw-world:/content_filtering> add ALG_HTTP_URL URL=*/*.exe Action=Blacklist
Finally, make an exception from the blacklist by creating a specific whitelist:
gw-world:/content_filtering> add ALG_HTTP_URL URL=www.D-Link.com/*.exe
Action=Whitelist
Web Interface
Start by adding an HTTP ALG in order to filter HTTP traffic:
1.
Go to Objects > ALG > Add > HTTP ALG
2.
Enter a suitable name for the ALG, for instance content_filtering
3.
Click OK
Then create a HTTP ALG URL to setup a blacklist:
1.
Go to Objects > ALG
2.
In the grid, click on the recently created HTTP ALG, content_filtering and go to Add > HTTP ALG URL
3.
Select Blacklist in the Action dropdown control.
4.
Enter */*.exe in the URL textbox
5.
Click OK
Finally, make an exception from the blacklist by creating a certain whitelist:
1.
Go to Objects > ALG
2.
In the grid, click on the recently created HTTP ALG, content_filtering and go to Add > HTTP ALG URL
3.
Select Whitelist in the Action dropdown control
4.
In the URL textbox, enter www.D-Link.com/*.exe
5.
Click OK
Simply continue adding specfic blacklists and whitelists until the filter satifies the needs.
6.3.4. Dynamic Web Content Filtering
Chapter 6. Security Mechanisms
171