Contributor
July 7, 2008
Question

Allowing only certain URLs

I need to block all web access for certain users EXCEPT for certain job-related URLs (i.e. weather.com). The users are allowed full access during certain times of the day (breaks, lunch, etc.). I was successful in configuring multiple policies to achieve this, but am looking to allow specific URLs while blocking everything else. Can this be done with FortiOS and how? Thanks for any assistance.

    15 replies

    UkWizard
    New Member
    July 7, 2008
    You need to use a regex to block everything (it's either * or . if I remember offhand), then explicitly whitelist the ones you want to allow.
    rwpatterson
    New Member
    July 7, 2008
    Put the regex .* last. This will block everything! Make your valid allowances above this one.
    UkWizard
    New Member
    July 7, 2008
    A single "." dot should do the same, doesn't it?
    rwpatterson
    New Member
    July 7, 2008
    The dot means any character once. The star means the prior expression zero or any amount of occurrences.
    UkWizard
    New Member
    July 9, 2008
    The dot means any character once. The star means the prior expression zero or any amount of occurrences.
    Bob - Looks like Fortinet disagrees with us; I accidentally stumbled on this KC document: http://kc.forticare.com/default.asp?id=796&Lang=1&SID= It says we should use ^.* to block all.
    Contributor
    July 7, 2008
    Maybe this is not for this forum, BUT... do I use Firewall policies here or just web filtering?
    rwpatterson
    New Member
    July 8, 2008
    The web filtering takes place in a protection profile that is placed into a policy...so yes.
    UkWizard
    New Member
    July 8, 2008
    Just make sure you use "allow" and not "exempt" for the allowed list, as the latter would not perform any AV or IPS scanning.
    Hracio
    New Member
    July 8, 2008
    mmm, I'm having some trouble with URL filters & regex stuff.
    What to achieve:
    https://one.domain.com/user ---> Allow
    https://one.domain.com/everythingelse ---> deny
    https://one.domain.com ---> deny
    What I've done:
    From Inet --> DMZ
    URL one.domain.com/user Type Simple Action Allow Enable
    URL xx\.x\.xxx\.220 (my ip) Type Regex Action Block Enable
    Enabled the URL filtering for http & https, but it's not working; it allows me to access every URL on https:443. But if I enable this one, every URL is blocked:
    URL one.domain.com Type Simple Action Deny Enable
    UkWizard
    New Member
    July 9, 2008
    Why is your IP in the block entry? URL blocking looks in the header, so it doesn't match the client IP (to my knowledge anyway). Just put in one.domain.com for the block rule and that should suffice.
    UkWizard
    New Member
    July 9, 2008
    Yep, it does. I use it often for Unix scripting.
    Hracio
    New Member
    July 10, 2008
    URL xx\.x\.xxx\.220 (my ip)
    I meant my server IP... to avoid access via ip/url. Can't make it work yet...
    ^.*
    Correct, it blocks all, should be used with exemption actions, also says that https looks on the certificate for blocking... Now reading: Mastering Regular Expressions, 3rd Edition, by Jeffrey E. F. Friedl. Ugghhh... was not in my plans... (if anyone wants it, PM me.)
    UkWizard
    New Member
    July 10, 2008
    all you need in life is wikipedia..... http://en.wikipedia.org/wiki/Regular_expression
    Hracio
    New Member
    July 10, 2008
    Yes, however... it doesn't work (as it should), URL filtering on https URLs...
    xxx.xx.xxx.220/webmail ---> public IP Type Simple Action Allow Enable
    xxx.mydomain.xxx/webmail -- public Domain Type Simple Action Allow Enable
    xxx\.xx\.xxx\.xxx -- Public IP Type Regex Action Block Enable
    xxx\.mydomain\.xxx --> Public domain Type Regex Action Block Enable
    This should allow access only to mydomain/webmail & mypublicip/webmail and block everything else... but it's blocking everything, even the allowed URLs. Regards.-!
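
The rule ordering discussed in this thread, as an added example that is not part of the original posts and is not FortiOS's own matching code: a small model of an ordered URL filter list where the first matching entry decides. The semantics are assumptions for illustration ("simple" as a prefix match on host plus path, "regex" as an unanchored search, and HTTPS without decryption exposing only the host name, as the KC document is reported to say above); the entries reuse the hosts named in the thread.

```python
import re

# Constructed filter list: allow entries first, block-all regex last.
FILTER = [
    ("weather.com", "simple", "allow"),
    ("one.domain.com/user", "simple", "allow"),
    (".*", "regex", "block"),
]

def matches(pattern, kind, url):
    """Assumed semantics: 'simple' = prefix match, 'regex' = unanchored search."""
    if kind == "simple":
        return url.startswith(pattern)
    return re.search(pattern, url) is not None

def evaluate(entries, url, default="allow"):
    """Walk the list top-down; the first matching entry decides the action."""
    for pattern, kind, action in entries:
        if matches(pattern, kind, url):
            return action
    return default

def visible_url(scheme, host, path):
    """Assumption: for HTTPS without decryption the filter sees only the host
    name (taken from the certificate), never the path."""
    return host if scheme == "https" else host + path

def block_all_equivalent(urls):
    """'.', '.*' and '^.*' all match every non-empty URL under search semantics."""
    return all(re.search(p, u) for p in (".", ".*", "^.*") for u in urls)

if __name__ == "__main__":
    # Allowed host passes, anything else hits the trailing block-all entry.
    print(evaluate(FILTER, "weather.com/forecast"))
    print(evaluate(FILTER, "example.org/"))
    # Block-all placed first shadows every allow entry below it.
    print(evaluate(FILTER[::-1], "weather.com/forecast"))
    # Path-based allow works over HTTP but cannot match over HTTPS,
    # so the request falls through to the block-all entry.
    print(evaluate(FILTER, visible_url("http", "one.domain.com", "/user")))
    print(evaluate(FILTER, visible_url("https", "one.domain.com", "/user")))
```

Under these assumptions, a path-specific allow entry over HTTPS never matches, so the request is decided by whatever host-level or block-all entry follows it.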