3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
134 CHAPTER 9: WEB AND E-MAIL FILTERING
Configuring the default filtering operation
You can configure the default filtering operation for a firewall to make the firewall
to permit/deny packets that do not match the Web addresses set by the
administrator.
Perform the following configuration in system view.
Packets that do not match are permitted by default.
Configuring a Web address to be filtered
Web addresses are filtered according to the address items previously configured in
a Web address filtering file. The administrator can manipulate this kind of files to
add or delete Web addresses in them, or even clear all the Web addresses.
Perform the following configuration in system view.
Saving/Loading a Web address filtering file
After configuring the Web addresses to be filtered, you can save them to a Web
address filtering file for later use. You must load a Web address filtering file first to
configure or modify items in it.
Perform the following configuration in system view.
You must load the Web addresses filtering file for items in it to take effect, that is,
for Web addresses that match these items to be filtered.
Configuring IP address filtering
If users access the Web through IP addresses, you can configure the firewall to
control whether to allow such access requests.
Perform the following configurations in system view.
Tabl e 121 Configure the default filtering operation
Operation Command
Configure the default filtering operation
firewall url-filter host default { permit |
deny }
Tabl e 122 Configure a Web address to be filtered
Operation Command
Add a Web address to be filtered
firewall url-filter host add { permit | deny }
url-address
Delete a Web address firewall url-filter host delete url-address
Clear all Web addresses firewall url-filter clear
Tabl e 123 Save/Load a Web address filtering file
Operation Command
Save/Load a Web address filtering file
firewall url-filter host { save-file | load-file
} file-name
Unload the current Web address filtering file undo firewall url-filter host load-file