Description
This article describes how to resolve an issue that occurs when using File Filter with proxy-based policies to block specific file types (e.g., .bat and .cmd) via the SMB2 protocol in environments utilizing NetApp file shares or non-'Microsoft Windows' shares.
Scope
FortiGate and FortiProxy when using File Filter in proxy-based policies to block file types on SMB2/CIFS.
Solution
- This issue has been addressed in v7.6.1 and v7.4.7.
- For FortiProxy in v7.4.6 and v7.6.1.
When File Filter blocks the transfer of a file in environments using NetApp or non-Windows file shares, the file is replaced with a corrupted version filled with spaces. No error feedback is provided to the client, which can lead to data loss.
Key Behavior:
- When a user transfers a file from a PC to a shared folder and the file is blocked by the File Filter, the file may appear on the server but with empty or corrupted content.
- By contrast, this issue does not occur with Windows file shares, where the file transfer is correctly blocked, and the client receives appropriate feedback.
Related documents:
File Filter on Administration Guide
CIFS support on Administration Guide
Technical Tip: FortiGate Resource Lists
