FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
btie
Staff
Staff

Description

 

This article provides an example of how to create a URL filter rule to "Allow" or "Exempt" a particular URL from a 'Blocked' Category in FortiGuard Web Filtering.

 

Using Regex - Regular Expression.

 

Solution

 
Web-based Manager (GUI).
 
- Go to Security Profiles -> Web Filter -> Static URL Filter and enable URL Filter.
- Select 'Create New', or select an already available list.
- Select 'Create New', to create an entry for each of the following exempt rules.
 
Web_Filter_Profile.png
URL= .*\.example\.com.*
Type= regex
Action =allow
 
URL= .*\.fortinet\.com.*
Type= regex
Action =exempt

regex_url_filter.png
Comand Line Interface (CLI).
 
# config webfilter profile
    edit "URL_Filter"
# config web
    set urlfilter-table 1  <----- The ID as below.
end  
 
# config webfilter urlfilter
    edit 1  <---
        set name "Static URL Filter - URL_Filter Web Filter Profile"
# config entrie
    edit 1
        set url ".*\\.example\\.com.*"  <----- Double escape character '\' , one of them is added automatically by FortiGate, for the same reason.
        set type regex
        set action allow
    next
        edit 2
            set url ".*\\.fortinet\\.com.*"
            set type regex
        next
    end
next
end
 
Explanation regarding regex special characters use:
 
To match a special character such as '.' or ‘*’ use the escape character ‘\’.  For example, to match fortinet.com the regular expression should be fortinet\.com.

In Perl regular expressions, ‘*’ means match 0 or more times of the character before it, not 0 or more times of any character. For example, forti*.com matches fortiiii.com but does not match fortinet.com.

To match any character 0 or more times, use ‘.*’ where ‘.’ means any character, and the ‘*’ means 0 or more times. For example, the wildcard match pattern forti*.com should therefore be fort.*\.com.