R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
184
To do... Use the command...
Remarks
Display information about ActiveX
blocking
display firewall http activex-blocking [ all |
item keywords | verbose ]
Available in any view
Clear Web filtering statistics
reset firewall http { activex-blocking |
java-blocking | url-filter host | url-filter
parameter } counter
Available in user view
Web filtering configuration examples
URL address filtering configuration example
Network requirements
Enable the URL address filtering function on the LB module, allowing the hosts to access only
www.webflt.com using the URL address or IP address.
Figure 123 Network diagram for URL address filtering configuration
Configuration procedure
# Configure IP addresses for the interfaces. (Omitted)
# Configure the NAT policy for the outbound interface.
<LB> system-view
[LB] acl number 2200
[LB-acl-basic-2200] rule 0 permit source 192.168.1.0 0.0.0.255
[LB-acl-basic-2200] rule 1 deny source any
[LB-acl-basic-2200] quit
[LB] nat address-group 1 2.2.2.10 2.2.2.11
[LB] interface Ten-GigabitEthernet 0/0.1
[LB-Ten-GigabitEthernet0/0.1] nat outbound 2200 address-group 1
[LB-Ten-GigabitEthernet0/0.1] quit
# Enable the URL address filtering function.
[LB] firewall http url-filter host enable
# Specify to allow users to access only www.webfit.com and set the default filtering action to deny.
[LB] firewall http url-filter host url-address permit www.webflt.com
[LB] firewall http url-filter host default deny
# Specify an ACL for URL address filtering.