FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
js2
Staff
Staff
Article Id 352768
Description This article describes howto block google solitaire games using the content filter.
Scope FortiGate.
Solution
  1. Configure web-filter profile and create content filter:

 

From GUI:

 

content filter.PNG

 

From CLI:

 

config webfilter content
    edit 1
        set name "Auto-webfilter-content_0mgl97hma"
            config entries
                edit "solitaire"
                    set pattern-type regexp
                    set status enable
                next
             end
         next
    end

 

  1. Apply the web-filter profile in the firewall policy

 

config firewall policy
    edit 1
        set name "Internet"
        set uuid 332955fa-816d-51ef-510c-3f41017f7e68
        set srcintf "port1"
        set dstintf "port9"
        set action accept
        set srcaddr "all"
        set dstaddr "all"
        set schedule "always"
        set service "ALL"
        set utm-status enable
        set inspection-mode proxy
        set ssl-ssh-profile "custom-deep-inspection" <----- Deep inspection is enabled.
        set webfilter-profile "default"  <----- The  web filter profile enabled.
        set logtraffic all
        set nat enable
    next
end

 

  1. Enable custom deep inspection and remove Google from the SSL exemption list.
  2. Generate traffic for Google Solitaire and a blocked page is received with the message 'The page has been blocked because it contains a banned word'.

 

 

Banned.PNG

Contributors