block streaming video from Facebook And Youtube

Question

Dear all,i have a fortigate 100D version v5.2.1,build618, i need to set a rules to block all streaming video from YouTube and Facebook YouTube was close, but Facebook video streaming is still open

TuncayBAS · Accepted Answer

block with webfilter content header.config webfilter content-header     edit 1         set name "weblist-01"             config entries                 edit "video/.*"                     set action block                 next                 edit "audio/.*"                     set action block                 next             end     next endconfig webfilter profile     edit "webfilter_name"             config web                 set content-header-list <header_id>             end  next end please test and return back results.

AndreaSoliva · Answer

Hi this what is written here is actually a content-header over MIME Information of files and can be use for everything filebased because MIME is for every file available. To get the correct MIME information for whatever I would say let's do wiresharking. If you do so you will see following information:        Hypertext Transfer Protocol        HTTP/1.0 200 OK
        Request Version: HTTP/1.0        Response Code: 200        Server: DCLK-AdSvr
        Content-Type: video/x-ms-asf
        X-Google-Inred-Content-Type: video/x-ms-asf
        Content-Length: 410
        Content-Encoding: gzip
                Hypertext Transfer Protocol        HTTP/1.1 200 OK
        Request Version: HTTP/1.1        Response Code: 200        Last-Modified: Mon, 14 Sep 2009 00:40:51 GMT
        Content-Type: video/x-flv
        Content-Length: 200994
        Connection: close
        Content-Disposition: attachment; filename="video.flv"
        Expires: Thu, 29 Oct 2009 09:06:24 GMT
        Cache-Control: public,max-age=3600
        Date: Thu, 29 Oct 2009 08:06:24 GMT
        Server: gvs 1.0
 You see the relevant information is:        Content-Type: video/x-ms-asf
        Content-Type: video/x-flv
 This can now be used for configuring the "content-header" using RegEx which means for our example: video\/.*audio\/.* NOTE the \ is used to "exclud" / because this sign is a "special character" and has to be excluded within RegEx! Now as already shown here you can configure the "content-header":        # config webfilter content-header        # edit 1        # config entries        # edit "video\/.*"        # set action block        # next        # edit "audio\/.*"        # set action exempt        # next        # end        # set name "Content-Header" "block-video-exempt-audio"        # next        # end What is important here is to now what block, exempt meaning "action" means:             allow  — Allow Content             block  — Block Content             exempt — Exclude UTM Function At least use the configured content-header with his integer (1) within webfilter config:        FortiOS 5.0 / 5.2        # config webfilter profile        # edit [Name of the profile]        # config web        # set content-header-list 1        # end        # next        # end Thats it..... have fun Andrea

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded