The secondary specifiers are optional. The following table lists the possible tags and their allowed values:

Secondary Specifier

Allowed Value

 

 

time

A time range, such as 08:00-14:00

 

 

src_ip

The IP address of the client

 

 

prefix

A prefix in the path part of a URL

 

 

suffix

A file suffix in the URL

 

 

port

A requested URL port

 

 

method

A request URL method; one of the following:

 

get

 

post

 

put

 

trace

 

 

scheme

A request URL protocol; one of the following:

 

HTTP

 

FTP

 

 

The following table lists the possible action tags and their allowed values:

Action

Value

 

 

action

ip_allow

 

ip_deny

 

 

keep_hdr

Enter the client request header information that

 

you want to keep:

 

date

 

host

 

cookie

 

client_ip

 

 

strip_hdr

Enter the client request header information that

 

you want to strip. You have the same options as

 

keep_hdr.

 

 

Examples

The following rule tells the appliance to deny FTP document requests to the IP address 112.12.12.12.

dest_ip=112.12.12.12 scheme=ftp action=ip_deny

Chapter 5 Using the Command-Line Interface

73

Page 85
Image 85
Intel 1520 manual Secondary Specifier Allowed Value, Action Value