Chapter 1: Overview of Content Policy Language
<Proxy>
client.address=!corporate_subnet deny ; filter out strangers socks.authenticate(MyRealm) ; this happens earlier than the category test
<Proxy>
;user names be displayed in the access log for the denied requests category=Gambling exception(content_filter_denied)
Note that this only works for SOCKS authenticated users.
Installing Policy
Policy is installed by installing one of the four policy files (VPM, Local, Central or Forward). Installing one new file causes the most recent versions of the other three files to be loaded, the contents concatenated in the order specified by the current configuration, and the resulting complete policy compiled.
If any compilation errors are detected, the new policy file is not installed and the policy in effect is unchanged.
Refer to Chapter 12, “Advanced Policy,” of the ProxySG Configuration and Management Guide for specific instructions on installing a policy file.
CPL General Use Characters and Formatting
The following characters and formatting have significance within policy files in general, outside of the arguments used in condition expressions, the values used in property statements, and the arguments used in actions.
Character | Example | Significance |
Semicolon (;) | ; Comment | Used either inline or at the beginning of a |
| <Proxy> ; Comment | line to introduce text to be ignored during |
|
| policy evaluation. Commonly used to |
|
| provide comments. |
|
|
|
Newline | deny server_url.scheme=mms deny | CPL expects most constructs (layers, |
| server_url.domain=xyz.com | sections, rules, definitions) to begin on a new |
|
| line. When not preceded by a line |
|
| continuation character, a newline terminates |
|
| a layer header, section header, the current |
|
| rule, clause within a defined condition, or |
|
| action within an action definition. |
Line Continuation | \ | A line continuation character indicates that |
|
| the current line is part of the previous line. |
Whitespace | < proxy > | Used to enhance readability. Whitespace can |
| weekday = ( 3 7 ) deny | be inserted between tokens, as shown in this |
|
| example, without affecting processing. In |
|
| addition, quoted strings can include |
|
| whitespace. However, numeric ranges, such |
|
| as weekday = 1..7, cannot contain |
|
| whitespace. |
Angle brackets (< >) | <Proxy> | Used to mark layer headings. |
Square brackets ([ ]) | [Rule] | Used to mark section names. |
29
