User Guide
OmniAccess SafeGuard OS Administration Guide
313
Chapter 7: Establishing a Security Policy
3 Specify the filter conditions:
HTTP [Host
[{contains string}|{does-not-contain string}|
{
does-not-end-with string}|
{
does-not-match string}|
{
does-not-start-with string}|
{
ends-with string}|
{
matches string}|
{
starts-with string}]|
UserAgent [contains string | does-not-contain string]|
ContentType [contains string]]
Following is an example of an HTTP application filter user policy using a logical OR
operation:
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #policy application-filter "afAppleMarketing"
(SafeGuardOS) (app-filter) #operation OR
(SafeGuardOS) (app-filter) #HTTP ContentType contains "application/x-javascript"
(SafeGuardOS) (app-filter) #HTTP Host contains "www.google.com"
(SafeGuardOS) (app-filter) #HTTP Host does-not-contain "www.google.com"
(SafeGuardOS) (app-filter) #HTTP Host does-not-end-with ".google.com"
(SafeGuardOS) (app-filter) #HTTP Host does-not-match "www.google.com"
(SafeGuardOS) (app-filter) #HTTP Host does-not-start-with "www.google."
(SafeGuardOS) (app-filter) #HTTP Host ends-with ".google.com"
(SafeGuardOS) (app-filter) #HTTP UserAgent contains "Mozilla/5.0"
(SafeGuardOS) (app-filter) #HTTP UserAgent does-not-contain "/5.0"
(SafeGuardOS) (app-filter) #exit
(SafeGuardOS) (config) #exit
(SafeGuardOS) #
To display application filters, use the show policy application-filter command, as
discussed in Showing Application Filters on page 327.
Creating CIFS Application Filters
To create an application filter for a CIFS application:
1 Enter app-filter submode by using the application-filter command in Global
Configuration mode:
application-filter filter_name
2 (Optional) Specify a boolean logical operator that the filter is to use:
Syntax Description string A value to be matched against.
Syntax
Description
filter_name The name of the application filter
being created.