On board url filtering, On board url filtering -14 – Enterasys Networks Security Router X-PeditionTM User Manual

XSR Firewall Feature Set Functionality

16-14 Configuring Security on the XSR

On Board URL Filtering

This features lets you block access to a list of Uniform Resource Locators (URLs) or limit access to
certain approved sites. The XSR extracts the absolute URL from the Get and Host headers of the
http Request packet sent by web browser, and matches that to a list of approved (white list), or
banned (black list) URLs.

Importing URL Lists from an ASCII File

The XSR supports the import of URL lists from a user-specified ASCII text file using the

ip

firewall url-load-xxx name_of_url_xxx_list

command where

xxx

stands for

black-list

or

white-list

. URL lists can be stored in either Flash or CFlash directories. Any of the following

commands are acceptable:

XSR(config)#ip firewall url-load-black-list blacklists.txt
XSR(config)#ip firewall url-load-black-list flash:blacklists.txt
XSR(config)#ip firewall url-load-white-list cflash:whitelists.txt

Writing URL List Entries

When the

ip firewall url-load-xxx

command is run, the XSR immediately reloads the URL

list database from the file. When you write URL entries for the file, observe the following:

•

Entries are compared in a case-insensitive manner

•

Up to 30 URL entries, each of which can be up to 63 characters long after leading and trailing
white spaces (SPACEs, TABs) are removed from the input line. If a URL string has more than
63 characters, the XSR truncates it to 63 characters.

•

If the URL file contains more than 30 entries, only the first 30 entries are loaded.

A URL list generally contains keywords of the URL you want to match. It can be as specific as a
particular web page in a directory of an organization such as www.w3.org/pub/WWW/
theProject.htm, or as general as a domain name such as playboy.com, or simply a file name such as
readme.eml. The following are sample URLs:

•

arcadegamesonline.com

•

games.yahoo.com

•

siterankings.com/cgi-bin/casinos

•

mail.bigmailbox.com/users/casinoranking.com

•

top-lasvegas.com/en

•

java.omnisportsbookmembers.com/javacasino

•

216.91.118.35/ibet

•

members.aol.com/winatcraps

•

playboy.com

•

readme.eml

Enabling URL Filtering in Firewall Policy

The XSR firewall

policy

command lets you specify URL checking using the keywords

URL-W

or

URL-B

. URL-B instructs the XSR to compare the requested URL with a URL black list, so if a user

tries to access a URL matching any black list entry, access will be blocked and the user presented
with a blocked page similar to

Figure 16-11

below. If the URL black list is not loaded, access is

allowed.