HP VPN Firewall Appliances Attack Protection Configuration Guide
114
# Specify the keyword filtering entry kwd1 for HTTP body filtering.
[Firewall-contflt-http-policy-http_policy2] body-filtering keyword-entry kwd1
# Enable java applet blocking for http_policy2.
[Firewall-contflt-http-policy-http_policy2] java-applet-blocking enable
[Firewall-contflt-http-policy-http_policy2] quit
# Create an SMTP filtering policy smtp_policy1 and enter its view.
[Firewall] content-filtering smtp-policy smtp_policy1
# Specify the filename filtering entry file1 for SMTP attachment name filtering.
[Firewall-contflt-smtp-policy-smtp_policy1] attachment-name-filtering
filename-entry file1
[Firewall-contflt-smtp-policy-smtp_policy1] quit
# Create an FTP filtering policy ftp_policy1 and enter its view.
[Firewall] content-filtering ftp-policy ftp_policy1
# Specify the filename filtering entry file2 for FTP upload filename filtering.
[Firewall-contflt-ftp-policy-ftp_policy] upload-filename-filtering filename-entry
file2
[Firewall-contflt-ftp-policy-ftp_policy] quit
# Create a Telnet filtering policy telnet_policy1 and enter its view.
[Firewall] content-filtering telnet-policy telnet_policy1
# Specify the keyword filtering entry kwd2 for Telnet command word filtering.
[Firewall-contflt-telnet-policy-telnet_policy1] command-filtering keyword-entry
kwd2
[Firewall-contflt-telnet-policy-telnet_policy1] quit
4. Configure content filtering policy templates:
# Create a content filtering policy template template1 and enter its view.
[Firewall] content-filtering policy-template template1
# Apply the filtering policies http_policy1, smtp_policy1, ftp_policy1, and telnet_policy1 to the
policy template template1.
[Firewall-contflt-policy-template-template1] http-policy http_policy1
[Firewall-contflt-policy-template-template1] smtp-policy smtp_policy1
[Firewall-contflt-policy-template-template1] ftp-policy ftp_policy1
[Firewall-contflt-policy-template-template1] telnet-policy telnet_policy1
[Firewall-contflt-policy-template-template1] quit
# Create a policy template template2 and enter its view.
[Firewall] content-filtering policy-template template2
# Apply the filtering policies http_policy2, smtp_policy1, ftp_policy1, and telnet_policy1 to the
policy template template2.
[Firewall-contflt-policy-template-template2] http-policy http_policy2
[Firewall-contflt-policy-template-template2] smtp-policy smtp_policy1
[Firewall-contflt-policy-template-template2] ftp-policy ftp_policy1
[Firewall-contflt-policy-template-template2] telnet-policy telnet_policy1
[Firewall-contflt-policy-template-template2] quit
5. Configure an interzone policy that uses the content filtering policy templates:
# Create a subnet object private and specify its subnet 192.168.1.0/24.
[Firewall] object network subnet private
[Firewall-object-network-private] subnet 192.168.1.0 0.0.0.255