Allied Telesis AT-AR300 manual Firewall Policy Debugging, Show Firewall Policy

Page 25

Software Release 2.3.1

25

To re-enable HTTP cookie requests to pass through the HTTP proxy, use the command:

ENABLE FIREWALL POLICY=name HTTPCOOKIES

For example, to enable the passing of HTTP cookies through HTTP proxies configured for the policy zone1, use the command:

ENABLE FIREWALL POLICY=zone1 HTTPCOOKIES

Firewall Policy Debugging

By default, firewall policy debugging is disabled. To enable or disable it, use the commands:

ENABLE FIREWALL POLICY=name [DEBUG={ALLHTTPPACKETPKT

PROCESSPROXYSMTP}]

DISABLE FIREWALL POLICY=name [DEBUG={ALLHTTPPACKETPKT

PROCESSPROXYSMTP}

The DEBUG parameter specifies the types of debugging information to be enabled. If ALL is specified, all debugging information is enabled. If HTTP is specified the display of information about request and response messages passing through the HTTP proxy is enabled. If PROXY is specified the display of general information about firewall proxies is enabled. The DEBUG parameter is not retained over a reboot.

SHOW FIREWALL POLICY

The output for the SHOW FIREWALL POLICY [COUNTER] commands include new parameters.

Table 5: New parameters in the output of the SHOW FIREWALL POLICY command.

Parameter

Meaning

 

 

HTTP Proxy Filter File

Name of a text file containing a list of domain names,

 

keywords and cookie options that are not allowed to pass

 

through HTTP proxies configured under this policy. This

 

parameter is only shown if a URL filter file has been

 

specified for this policy.

 

 

Cookies

Indicates whether or not cookies are allowed to pass

 

through HTTP proxies configured under this policy. If

 

“enabled” is shown all cookies are permitted unless

 

specifically denied by an entry in the HTTP proxy filter file. If

 

“disabled” is shown no cookies are permitted. This

 

parameter is only shown if an HTTP proxy has been

 

configured for this policy with direction set to “out” or

 

“both”.

 

 

Software Release 2.3.1 C613-10325-00 REV B

Page 24 Page 26
Image 25
Page 24 Page 26
Contents Software Release Hardware Platforms IntroductionRapier i Series Hot Swapping Network Service Modules Hot swap an NSM out of an NSM bay Software Features NSM Hot Swap Software Support Example output from the Show Interface commandDNS Caching Domain Name Server EnhancementsServer Selection Telnet Server Port Number Automatic Nameserver ConfigurationTriggers for Ethernet Interfaces Enco Channels IP Security IPsec Source Interface Enhancements Ospf on Demand Isdn Interface-based NAT Paladin Firewall EnhancementsRule-based NAT Time Limited Rules New Command SyntaxRelease Note Software Release Required parameters for Firewall NAT rules Parameters Web Redirection with Reverse NAT RulesFirewall and IPsec Tunnel Further ExamplesStandard NAT Show Output Paladin Firewall Http Application Gateway ProxyHttp Filters Firewall Http Proxies and Firewall PoliciesADD Firewall POLICY=zone1 HTTPFILTER=banned.htp Http Cookies Show Firewall Policy Firewall Policy DebuggingHttp Proxy Filter File Vrrp Port MonitoringWhere Stepvalue is a decimal number in the range 1 to Border Gateway Protocol 4 BGP-4 Internet Protocol IP IP and Interface CountersTo reset IP interfaces, use the command Example output from the Show IP COUNTER=INTERFACE command Example output from the Show IP COUNTER=SNMP command Telephony PBX Functionality Errata Telnet Server Bandwidth LimitingEnable Telnet Server InstallationRelease Note
Top Page Image Contents