|
- In this scenario, overriding the Gambling category to the Business category is wanted.
- casino.com will be used.
Categories involved in this test are the ff:
- Cat 49 – Business.
- Cat 11 – Gambling.
Here is the web rating override on our configuration.
# config webfilter ftgd-local-rating
(ftgd-local-rating) # edit casino.com
(casino.com) # show
# config webfilter ftgd-local-rating
edit "casino.com"
set rating 49
next
end
Make sure the web filter profile is configured to set the category action monitor to override the specific website.
# config webfilter profile
edit "default"
set comment "Default web filtering."
# config ftgd-wf
unset options
# config filters
edit 1
set category 1
next
edit 2
set category 2
set action block
next
edit 3
set category 3
next
edit 4
set category 4
next
edit 5
set category 5
next
edit 6
set category 6
next
edit 7
set category 7
set action block
next
edit 8
set category 8
set action block
next
edit 9
set category 9
set action block
next
edit 11
set category 11
set action block
next
edit 12
set category 12
next
edit 13
set category 13
set action block
next
edit 14
set category 14
set action block
next
edit 15
set category 15
set action block
next
edit 16
set category 16
set action block
next
edit 26
set category 26
set action block
next
edit 59
set category 59
next
edit 62
set category 62
next
edit 83
set category 83
set action block
next
edit 96
set category 96
set action block
next
edit 98
set category 98
set action block
next
edit 99
set category 99
set action block
next
edit 57
set category 57
set action block
next
edit 63
set category 63
set action block
next
edit 64
set category 64
set action block
next
edit 65
set category 65
set action block
next
edit 66
set category 66
set action block
next
edit 67
set category 67
set action block
next
edit 61
set category 61
set action block
next
edit 86
set category 86
set action block
next
edit 88
set category 88
set action block
next
edit 90
set category 90
set action block
next
edit 91
set category 91
set action block
next
edit 49
set category 49
next
edit 35
set action block
next
end
end
next
end
(default) # config ftgd-wf
(ftgd-wf) # config filter
(filters) # edit 49
(49) # show
config filters
edit 49
set category 49
next
end
(49) # get
id : 49
category : 49
action : monitor
log : enable
Here is the Policy configuration:
# config firewall policy
edit 1
set type explicit-web
set name "Policy"
set uuid fc83437e-c6da-51ed-4460-e3726a4f37d4
set dstintf "port1"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "webproxy"
set explicit-web-proxy "web-proxy"
set utm-status enable
set ssl-ssh-profile "certificate-inspection"
set webfilter-profile "default"
next
end
Troubleshooting:
# diag wad debug enable all
# ddiag wad debug enable level verbose
# ddiag debug enable
- Here is the WAD DEBUG output accessed casino.com:
[I][p:1530][s:1769130815][r:145] wad_url_choose_cate :2142 cate=49 (local) url-cates=[49,]; url =[49, # 11,],ip=[ # 0,]; conf webfilter 'default':[96,98,99,64,65,66,67,83,86,88,90,91,49,57,59,61,62,63,0,1,
2,3,4]
- Here is the WEBFILTER DEBUG (Log and Report – Web Filter):
date=2023-03-19 time=22:11:52 eventtime=1679289112284470086 tz="-0700" logid="0317013312" type="utm" subtype="webfilter" eventtype="ftgd_allow" level="notice" vd="root" policyid=1 poluuid="fc83437e-c6da-51ed-4460-e3726a4f37d4" policytype="policy" sessionid=1769130816 srcip=192.168.10.100 srcport=49373 srccountry="Reserved" srcintf="port2" srcintfrole="undefined" dstip=45.60.35.168 dstport=443 dstcountry="United States" dstintf="port1" dstintfrole="undefined" proto=6 service="HTTPS" hostname="www.casino.com" profile="default" action="passthrough" reqtype="direct" url="https://www.casino.com/" sentbyte=220 rcvdbyte=0 direction="outgoing" msg="URL belongs to an allowed category in policy" method="domain" cat=49 catdesc="Business"
|
