R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

441

442

443

444

445

446

447

448

449

450

433

• If asterisk (*) is present at the beginning of a filtering entry, it must be present in the format like *.xxx,

where xxx represents a keyword, for example, *.com or *.webfilter.com.

• A filtering entry with only numerals is invalid. To filter a website address like www.123.com, you can

define a filtering entry like ^123$, www.123.com, or 123.c om , instead of 123. HP recommends that

you use exact match to filter numeral website addresses.

Usage guidelines

The device supports a maximum of 256 URL address filtering entries.

You can change the filtering action for an existing filtering entry, for example, from deny to permit.

Examples

# Add filtering entry ^china& to the URL address filtering entry list and set the filtering action to permit.

<Sysname> system-view

[Sysname] firewall http url-filter host url-address permit ^china&

Related commands

display firewall http url-filter host

firewall http url-filter parameter

Use firewall http url-filter parameter to add URL parameter filtering entries to the URL parameter filtering

entry list.

Use undo firewall http url-filter parameter to remove URL parameter filtering entries from the list.

Syntax

firewall http url-filter parameter { default | keywords keywords }

undo firewall http url-filter parameter [ default | keywords keywords ]

Views

System view

Default command level

2: System level

Parameters

default: Specifies to use the default parameter filtering entries, including: ^select$, ^insert$, ^update$,

^delete$, ^drop$, --, ', ^exec$, and %27.

keywords keywords: Specifies to use a user-defined parameter filtering entry. The keywords argument is

a case-insensitive string of 1 to 80 characters. Valid characters include numerals, English letters,

wildcards caret (^), dollar sign ($), ampersand (&), and asterisk (*), and other ASCII characters with

values in the range of 31 to 127. A filtering entry can be a string with spaces, but such an entry must be

present in quotes, for example, "select all". One space in a filtering entry can match multiple consecutive

spaces in a URL parameter of an HTTP request. For meanings of the wildcards, see Table 72.

Table 72 Meanings

of wildcards

Wildcard Meanin

Usa

uidelines

Matches parameters starting with

the keyword

It can be present once at the

beginning of a filtering entry.