|
This article describes that he hit count and bytes of the implicit deny rule do not increase on the proxy policy.
The deny log was generated, but the hit count does not increase.
This feature has been added after 7.4.0 the version.
Configuration:
config system interface
edit "port1"
set vdom "root"
set ip 10.200.1.1 255.255.255.0
set allowaccess ping
set fail-detect enable
set type physical
set explicit-web-proxy enable
set alias "External"
set monitor-bandwidth enable
set role wan
set snmp-index 1
next
edit "port3"
set vdom "root"
set ip 10.0.1.254 255.255.255.0
set allowaccess ping https ssh snmp
set type physical
set alias "Internal"
set snmp-index 3
next
config system settings
set gui-explicit-proxy enable
config firewall policy
edit 1
set name "allow-all"
set uuid b194844a-9c8c-51ed-eda0-9ec8ad8dc5ef
set srcintf "port3"
set dstintf "port1"
set action accept
set srcaddr "all"
set dstaddr "all"
set schedule "always"
set service "ALL"
set inspection-mode proxy
set http-policy-redirect enable
set ssl-ssh-profile "deep-inspection"
set logtraffic all
set nat enable
next
config firewall proxy-policy
edit 1
set uuid 2bad4510-9c8c-51ed-0021-b3cee3d6de50
set name "test"
set proxy transparent-web
set srcintf "port3"
set dstintf "port1"
set srcaddr "all"
set dstaddr "all"
set service "webproxy"
set status disable
set schedule "always"
set logtraffic all
next
end
|
