Verifying the configuration – H3C Technologies H3C SecPath F1000-E User Manual

Page 96

Figure 93 Configuring the interzone policy referencing the template with Java applet blocking

{

Select any_address as the source IP address and destination IP address.

{

Select any_service as the service name.

{

Select Permit as the filter action.

{

Select content filtering policy template template2.

{

Select the Enable the rule box to enable the rule.

{

Click Apply.

Verifying the configuration

After the previous configuration, LAN users cannot receive HTTP responses that carry keyword abc, send

Java applet requests to Web servers except server 5.5.5.5, send emails with .exe attachments, upload

files named abc through FTP, or execute Telnet command reboot.
After the firewall runs for a period of time, select Identification > Content Filtering > Statistic Information
from the navigation tree. You can see the content filtering statistics, as shown in

Figure 94

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS