Skip to main content
saquino
saquino
New Member
March 28, 2019
Question

Fortigate 1500D - block URIs

  • March 28, 2019
  • 1 reply
  • 3841 views

Hello, Sorry about my english.

 

I have a question about block some web page contents.

I want to block some URIs that are inside the webpage but in some cases not the webpage himself. some examples:

 

 

[ul]
  • Blocking a magnet link (magnet:?xt=urn:sha1:<hash of file>&dn=<display name>)[/ul][ul]
  • Blocking a microsoft store app (ms-windows-store://pdp?productId=9NCBCSZSJRSB&)[/ul][ul]
  • Blocking google play store (market://details?id=Package_name or market)[/ul][ul]
  • Blocking spotify tracks (spotify:<artist|album|track>:<id> or spotify:search:<text> or spotify:user:<username>:playlist:<id> example: spotify:track:2jCnn1QPQ3E8ExtLe6INsx)[/ul][ul]
  • Blocking bitcoin transactions (bitcoin:<address>[?[amount=<size>][&][label=<label>][&][message=<message>]])[/ul][ul]
  • Blocking skype links (skype:<username|phonenumber>[?[add|call|chat|sendfile|userinfo]])[/ul][ul]
  • Blocking a specific chrome extension (chrome-extension://<extensionID>/<pageName>)[/ul][ul]
  • Blocking teamspeak links (teamspeak://<server>[:<port>]/[?<parameter1>=<value1>[&<parameter2>=<value2>]]=)[/ul]

     

    i know in some of this cases i can make the block with the "application control" feature, but in some others not, or require the making or an special "custom signature" for AC or IPS and that is much more dificult to apply besides require IPS engine to process the session before apply the filter.

     

    I already try making some regular expresions into "Web filter profile > Web Content Filter" unsuccessfully, and i dont know if my regex are wrong or if is not the right place where to try the blocking action.

     

    Can some one guide me on wich direction point my efforts?

     

    Thanks in advice.

     

     

     ______________________________________________________

    Aditional Information about URIs

     

    https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#URLs_and_URNs  

    https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml

     

     

     

      • 1 reply

      sw2090
      SuperUser
      sw2090
      SuperUser
      March 29, 2019

      you could also use the url filter to block certain urls. Url filter supports wildcards but I am not sure about regexps...

        saquino
        saquinoAuthor
        New Member
        March 29, 2019

        sw2090 wrote:

        you could also use the url filter to block certain urls. Url filter supports wildcards but I am not sure about regexps...

        As i told before, i already try it using web filter (URL filter) but this type of content are not treated as normal urls and neither as protocols, also if they are in some content within the site and you click it, they work.

        The idea is to ban the content to prevent the user from clicking and executing the associated application without blocking the page

        Terms & ConditionsAccessibility statement