Manualshelf

R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
391392393394395396397398399400
377
Task Command
Remarks
Clear Web filtering statistics.
reset firewall http { activex-blocking |
java-blocking | url-filter host | url-filter
parameter } counter
Available in user view.
URL address filtering configuration example
Network requirements
The hosts in the network segment 192.168.1.0/24 access the Internet through the device. The device is
enabled with the URL address filtering function, and allows the hosts to access only www.webflt.com
using the URL address or IP address.
Figure 122 Network diagram
Configuration procedure
# Configure IP addresses for the interfaces. (Details not shown.)
# Configure the NAT policy for the outbound interface.
<Router> system-view
[Router] acl number 2200
[Router-acl-basic-2200] rule 0 permit source 192.168.1.0 0.0.0.255
[Router-acl-basic-2200] rule 1 deny source any
[Router-acl-basic-2200] quit
[Router] nat address-group 1 2.2.2.10 2.2.2.11
[Router] interface gigabitethernet 3/0/1
[Router-GigabitEthernet3/0/1] nat outbound 2200 address-group 1
[Router-GigabitEthernet3/0/1] quit
# Enable the URL address filtering function.
[Router] firewall http url-filter host enable
# Specify to allow users to access only www.webfit.com and set the default filtering action to deny.
[Router] firewall http url-filter host url-address permit www.webflt.com
[Router] firewall http url-filter host default deny
# Specify an ACL for URL address filtering.
[Router] acl number 2000
[Router-acl-basic-2000] rule 0 permit source 3.3.3.3 0.0.0.0
[Router-acl-basic-2000] rule 1 deny source any