3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
You must load
the Web
content filtering file for items in it to take effect, that is, for Web contents that
match these items to be filtered.
Displaying and debugging Web content filtering
Use the commands listed in Table 130 to view information about Web content
filtering and enable debugging Web content filtering.
Execute the display command in any view, and execute the debugging and
reset commands in user view.
Configuring SQL Attack
Prevention
Enabling/Disabling SQL attack prevention
To validate later configuration on the firewall, you must enable SQL attack
prevention first before make any configuration on SQL attack prevention.
Perform the following configuration in system view.
By default, SQL attack prevention is not enabled.
c
CAUTION: To enable SQL attack prevention successfully, you must first configure
ASPF policies, and the detect http and detect tcp commands. Refer to section
“Configuring ASPF” “Configuring ASPF” for more information about ASPF.
Configuring filter keywords for SQL attack prevention
SQL attack prevention functions filters HTTP commands based on the predefined
filter keywords. If the keyword is borne in a HTTP request, the firewall will block
the request. You can define table names, fields, saving process names (default or
custom) as keywords depending on specific needs.
Perform the following configuration in system view.
Tab le 130 Display and debug Web content filtering
Operation Command
Display information about Web content
filtering
display firewall webdata-filter { enable |
all | item keywords | all } }
Enable debugging Web content filtering
debugging firewall webdata-filter { all |
error | event | filter | packet }
Disable debugging Web content filtering
undo debugging firewall webdata-filter {
all | error | event | filter | packet }
Clear statistics on Web content filtering reset firewall webdata-filter counter
Tab le 131 Enable SQL attack prevention
Operation Command
Enable SQL attack prevention firewall url-filter parameter enable
Disable SQL attack prevention undo firewall url-filter parameter enable