Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual
Page 164
Chapter 12
HTTP and FTP filtering
164
Open the General tab to set general rules and actions to be taken.
Description
Description of the rule (information for the administrator).
If user accessing the FTP server is
Select which users this rule will be applied on:
•
any user — the rule will be applied on all users (regardless whether authenticated
on the firewall or not).
•
any user authenticated on the firewall — applied on all authenticated users.
•
selected user(s) — applied on selected users or/and user groups.
Click on the Set button to select users or groups (hold the Ctrl and the Shift keys
to select more that one user /group at once).
Note: Rules designed for selected users (or all authenticated users) are irrelevant unless
combined with a rule that denies access of non-authenticated users.
And the FTP server is
Specify FTP servers on which this rule will be applied:
•
any server —any FTP server
•
server — IP address of DNS name of a particular FTP server.
If an FTP server is defined through a DNS name, WinRoute will automatically per-
form IP address resolution from DNS. The IP address will be resolved immediately
when settings are confirmed by the OK button (for all rules where the FTP server
was defined by a DNS name).
Warning
Rules are disabled unless a corresponding IP address is found!
•
IP address from group — selection of IP addresses of FTP servers that will be
either denied or allowed.
Click on the Edit button to edit IP groups (for details see chapter
).
Action
Select an action that will be taken when requirements for users and the FTP server are
met:
•
Allow — WinRoute allows connection to selected FTP servers under conditions set
in the Advanced tab— see below).
•
Deny — WinRoute will block certain FTP commands or FTP connections (according
to the settings within the Advanced tab).
Check the Log option to log all FTP connections meeting this rule in the Filter log (see
chapter
).
Go to the Advanced tab to define other conditions that must be met for the rule to be applied
and to set advanced options for FTP communication.