R3204P16-HP Load Balancing Module Security Command Reference-6PW101
143
Related commands: firewall http url-filter host enable, display firewall http url-filter host.
Examples
# Configure to permit web requests using IP addresses for access to websites.
<Sysname> system-view
[Sysname] firewall http url-filter host ip-address permit
firewall http url-filter host url-address
Syntax
firewall http url-filter host url-address { deny | permit } url-address
undo firewall http url-filter host url-address [ url-address ]
View
System view
Default Level
2: System level
Parameters
permit: Permits matched URL addresses.
deny: Denies matched URL addresses.
url-address: URL address filtering entry, a case-insensitive string of 1 to 80 characters. Valid characters
include 0 to 9, a to z, A to Z, dot “.”, hyphen “-“, underline “_”, and wildcards “^”, “$”, “&”, and “*”.For
meanings of the wildcards, see Table 32.
Table 32 Meanings
of wildcards
Wildcard Meanin
g
Usa
g
e
g
uidelines
^
Matches website addresses
starting with the keyword
It can be present once at the beginning of a
filtering entry.
$
Matches website addresses ending
with the keyword
It can be present once at the end of a filtering
entry.
&
Stands for a valid character other
than dot “.”
It can be present multiple times at any position of a
filtering entry, consecutively or inconsecutively,
but cannot be used together with “*”.
*
Stands for any number of valid
characters and spaces excluding
dot “.”
It can be present once at the beginning or in the
middle of a filtering entry. It cannot be at the end
and cannot be used next to “^” or “$”.
When using the wildcards, follow also the principles below:
• A filtering entry with “^” at the beginning or “$” at the end indicates an exact match. For example,
filtering entry ^webfilter matches website addresses starting with webfilter (such as
webfilter.com.cn) or containing webfilter at the beginning of a string after a dot (such as
cmm.webfilter-any.com). Filtering entry ^webfilter$ matches website addresses containing
standalone webfilter like www.webfilter.com; it does not match website addresses like
www.webfilter-china.com.
• A filtering entry with neither “^” at the beginning nor “$” at the end indicates a fuzzy match, and
matches website addresses containing the keyword.