R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
189
Table 41 Wildcards for URL parameter filtering entries
Wildcard Meanin
g
Usa
g
e
g
uidelines
^
Matches parameters starting with
the keyword
Can be present once at the beginning of a filtering entry.
$
Matches parameters ending with
the keyword
It can be present once at the end of a filtering entry.
& Stands for one valid character
It can be present multiple times at any position of a filtering
entry, consecutively or inconsecutively, and cannot be
used next to “*”. If it is present at the beginning or end of
a filtering entry, it must be next to “^” or “$”.
*
Stands for a string of up to 4 valid
characters, including spaces
It can be present once in the middle of a filtering entry.
Solution
Use the wildcards correctly according to the above principles.
Invalid blocking suffix
Symptom
When you configure a Java blocking suffix keyword or ActiveX blocking suffix keyword, the system
prompts you that there are invalid suffix keywords.
Analysis
A blocking suffix requires a dot “.” as part of it. If no dot or multiple dots are configured, the configuration
fails.
Solution
Configure a suffix keyword according to the description in the analysis.
ACL configuration failed
Symptom
An ACL rule uses the IP address of a host in the internal network as the source address and permits
requests from the host. The ACL is referenced for URL address filtering, Java blocking or ActiveX blocking,
but it does not work.
Analysis
For URL address filtering, Java blocking and ActiveX blocking, ACLs permit access to servers in external
networks rather than hosts in the internal network. This is because the internal network is assumed to be
trusted.
Solution
Specify the IP address of the server in the external network as the source IP address in the ACL rule.