Webfilter

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
 
(One intermediate revision by one user not shown)
Line 55: Line 55:
 
* '''Block web downloading when file exceeds xx(MB)''': this option is valid to http sites only.
 
* '''Block web downloading when file exceeds xx(MB)''': this option is valid to http sites only.
 
* '''Allow referred resources of allowed web pages''': When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
 
* '''Allow referred resources of allowed web pages''': When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
* '''Block sessions when outgoing traffic exceeds xx(KB)''': This option will check the outgoing traffic of every web session, if outgoing traffic exceeds the choosen limit, this web session will be terminated. This option applies to both http and https connections.
 
 
* '''Blocking Behavior''', when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
 
* '''Blocking Behavior''', when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
 
* Please Note: http only options can also work on https sites when "[[SSLInspect|SSL Inspector]]" is enabled.
 
* Please Note: http only options can also work on https sites when "[[SSLInspect|SSL Inspector]]" is enabled.
  
== FAQ ==
+
= External Links =
 +
* [http://blog.wfilterngf.com/?p=636 How to whitelist websites in WFilter?]

Latest revision as of 15:46, 13 March 2020

Contents

[edit] 1 Web Filter

The "Web Filter" module has below features:

  • Website black & white list
  • Website category filtering
  • File type and content type filtering
  • Other features like limiting downloading size, blocking web access via IP...

[edit] 2 Website Black & White List

  • Wildcards "*?" are supported.
  • By default, black & white list is applied to both http and https websites.
  • You may starts a comment with '#'.
  • Block Listed(Black List): When enabled, only domains in the black list will be blocked, all others will be allowed. For example, to block youtube during working hours, you can enable "Block Listed" and add "*.youtube.com" into the list.
  • Allow Listed Only(White List): When enabled, only domains in the white list can be accessed, all others will be blocked. For example, enable "v" and add "*.imfirewall.com" into the list, network users are only allowed to visit pages from imfirewall.com.

Faq en webfilter001.png

[edit] 3 Category Blocking

When enabled, you may filter domains by 60+ website categories. For example, to save bandwidth, you can set "Streaming Media" to be blocked during working hours. So all video websites will be blocked. "Category Blocking" is applied to both http and https websites by default.

Faq en webfilter003png.png

To check a domain's category, you can test "URL Access" in "Utils"->"Policy Testing".

Faq en webfilter003 2.png

[edit] 4 File Filtering

You can block files by file extensions and HTTP content-type(mime type). For example, to block all online video and video file downloading, you can set "Video" to "Deny".

Faq en webfilter005.jpg

Please notice:

  • To customize file types, you may click the "edit" icon besides every file type.
  • File filtering is only applied to http websites.

Faq en webfilter004.jpg

[edit] 5 Exception

Domains in the exception list will not be blocked by other options within this policy. For example, you may block "*.yahoo.com" but add "sports.yahoo.com" to the exception list. In result of allowing access to "sports.yahoo.com", while all other domains from yahoo.com will be blocked.

Faq en webfilter007.jpg

[edit] 6 Utils

Faq en webfilter008.png

  • Apply this rule to https websites: apply the "white & black list" and "category blocking" to https sites, enabled by default.
  • Block file uploading via webpages: when enabled, clients won't be able to upload attachments in webpages(multipart/form-data). This option applies to http websites only.
  • Block web surfing via IP: when enabled, websites can only be visited via domains.
  • Block web downloading when file exceeds xx(MB): this option is valid to http sites only.
  • Allow referred resources of allowed web pages: When enabled, external resources(images, css, videos and outbound links) of an allowed webpage will not be blocked even the external sites are disallowed.
  • Blocking Behavior, when a http webpage is blocked, you may choose to display a blocking page(defined in "System"->"Denial Page"), or redirect to another URL.
  • Please Note: http only options can also work on https sites when "SSL Inspector" is enabled.

[edit] 7 External Links

Personal tools
Namespaces

Variants
Actions
Navigation
Tools