F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Configuration Guide-6PW100
115
218BConfiguration procedure
1. Specify the IP addresses for the interfaces and assign the interfaces to appropriate zones. (Details
not shown.)
2. Configure filtering entries:
# Create a keyword filtering entry kwd1 and enter its view.
<Firewall> system-view
[Firewall] content-filtering keyword-entry kwd1
# Add a keyword abc to the entry kwd1.
[Firewall-contflt-keyword-kwd1] keyword fix-string abc
[Firewall-contflt-keyword-kwd1] quit
# Create a keyword filtering entry kwd2 and enter its view.
[Firewall] content-filtering keyword-entry kwd2
# Add a keyword reboot to the entry kwd2.
[Firewall-contflt-keyword-kwd2] keyword fix-string reboot
[Firewall-contflt-keyword-kwd2] quit
# Create a filename filtering entry file1 and enter its view.
[Firewall] content-filtering filename-entry file1
# Add a filename *.exe to the entry file1.
[Firewall-contflt-filename-file1] filename *.exe
[Firewall-contflt-filename-file1] quit
# Create a filename filtering entry file2, and enter its view.
[Firewall] content-filtering filename-entry file2
# Add a filename abc to the entry file2.
[Firewall-contflt-filename-file2] filename abc
[Firewall-contflt-filename-file2] quit
3. Configure content filtering policies:
# Create an HTTP filtering policy http_policy1 and enter its view.
[Firewall] content-filtering http-policy http_policy1
# Specify the keyword filtering entry kwd1 for HTTP body filtering.
[Firewall-contflt-http-policy-http_policy1] body-filtering keyword-entry kwd1
[Firewall-contflt-http-policy-http_policy1] quit
# Create an HTTP filtering entry http_policy2 and enter its view.
[Firewall] content-filtering http-policy http_policy2
# Specify the keyword filtering entry kwd1 for HTTP body filtering.
[Firewall-contflt-http-policy-http_policy2] body-filtering keyword-entry kwd1
# Enable java applet blocking for http_policy2.
[Firewall-contflt-http-policy-http_policy2] java-applet-blocking enable
[Firewall-contflt-http-policy-http_policy2] quit
# Create an SMTP filtering policy smtp_policy1 and enter its view.
[Firewall] content-filtering smtp-policy smtp_policy1
# Specify the filename filtering entry file1 for SMTP attachment name filtering.
[Firewall-contflt-smtp-policy-smtp_policy1] attachment-name-filtering
filename-entry file1
[Firewall-contflt-smtp-policy-smtp_policy1] quit