ZBF URL filtering Issue
Hello. I have the following problem. I try to implement the url filtering feature on a cisco 2811 router and whenever i enable the parameter map patterns the router retuns (after some time)
%Unable to compile obj regex...
My config is
parameter-map type urlfpolicy local URLFILTER
alert off
block-page message "THE REQUEST WAS BLOCKED BY YOUR ROUTER FIREWALL"
parameter-map type urlf-glob ALLOW-URL
pattern *.cisco.com
pattern cisco.com
parameter-map type urlf-glob DENY-URL
pattern *
class-map type urlfilter match-any ALLOW-URL
match server-domain urlf-glob ALLOW-URL
class-map type urlfilter match-any DENY-URL
match server-domain urlf-glob DENY-URL
class-map type inspect match-all INSPECT-HTTP
match protocol http
policy-map type inspect urlfilter URL-FILTER
parameter type urlfpolicy local URLFILTER
class type urlfilter ALLOW-URL
allow
class type urlfilter DENY-URL
reset
log
policy-map type inspect IN-OUT
class type inspect VPN-TRAFFIC
inspect
class type inspect INSPECT-HTTP
inspect
service-policy urlfilter URL-FILTER
class type inspect INTERNET-TRAFFIC
inspect
class class-default
drop
The result is that the router blocks ALL webpages without giving a block page message. Any help would be greatly appreciated.
I have same problem. Reboot router don't help me. Firewall allow all traffic and blocked url too.
Similar Messages
-
Dear All,
I am looking forward to buy the cisco ASA Firewall with the below mentioned part number.
ASA5525-SSD120-K9 kindly please let me know whether it supports WEB Filtering / URL Filtering.
or do i need to go for any other model or license.
Awaiting your quick responses as it is very urgent.
Responses are highly appreciated..That's the hardware
You also need a software subscription for the URL/web stuff/IPS
Near the bottom of this page: http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/data_sheet_c78-701659.html
there is a chart with the options and part numbers. -
Hello all,
I am having a url rewriting issue where the first time someone accesses the website with a browser that has cookies enabled my jsp pages will still encode all of the URL's with the jsessionid. Which I believe should not happen unless cookies are disabled.
Why is this occuring?
Once the user goes to another page in the site or the second time they bring up the site in the same browser the jsessionid is not written to the URL links. This only happens on first access.
I am using Tomcat 5.5
response.encodeURL() to encode the links
Is this a container or programming error?
Thank you all very much for your time in reading this!Ok, thank you.
Based on this: http://www.sciabarra.com/fatwire/2011/04/17/improving-the-firstsiteii-url-assembler/
I think my approach would work if I remove the Asset API stuff from here and put them into a helper class, which would be then called from the wrapper JSP.
I'd rather not install 3rd-party extensions just for url rewriting, at least not yet... -
Websense URL Filtering is not working in transparent proxy mode
The "sh ip wccp web-cach detail" show that the redirection to CE cluster (5 of them)is working but the url filtering doesnt work at all. The Websense server is on the same VLAN as all the 5 CE. This thing happened when we reconfigured the wccp router list in all the 5 CE point to the msfc vlan ip from the loopback ip address of the msfc. But the strange thing is the filtering work well when we manually configured the proxy server in the internet explorer point to the CE. Any advise?
Thanks.
WilliamProblem is due to absense of Host header field . Most of the browsers will send host header field. But in HTTP/1.0 Host header is not a must , though most of the browsers send it.
-
Trend Micro Interscan URL Filtering policies not working
I have just inherited a ASA 5520 with a TrendMicro InterScan for CSC SSM (version 6.6.1125.0) with both Base and Plus licenses. We have several URL filtering policies setup with AD group checking via the Domain Controller Agents. These rules are currently in the order of most strict (only a couple of explicitly identified users and one IP address), then two different policies that block less content than the global list (each assigned to LDAP list based on AD group membership), then our global URL Filtering policy.
The most common problem I have is when I try to open a site for one of the LDAP groups the site does not become accessible until I also add it to the HTTP Exceptions list on the Global Policy thus opening it for all users.
Any suggestions?/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:Arial;
mso-bidi-theme-font:minor-bidi;}
Thanks,
Right now I removed tick form Leisure Time. But everything is open which I blocked.
But I wanna blocking 24hrs but During 7 to 8 I wanna leisure time.
If I tick marked all categories for both Work and Leisure then all things blocked
If I removed tick from Leisure column then everything open…
Kindly View attached Screen Shot -
Hello Aperture Users,
I am having filtering problems that do not make sense. When I filter a folder with in the library for "Calliope Hummingbirds" only I get 508 images but when I apply an additonal keyword of "Male" I get 1094 images that are the original Calliope and any other one that is "Male". This is not what I expect, I expect a smaller number of images that are both Calliope and Male.
My filter is (the little dark box with a magnifing glass icon on the upper right of the browser window. It is set to find images "include if ALL of the following MATCH".
Also not that the filtering take a long time 20 or more seconds. My entire library is some 13,000 images not huge, I think. Any ideas how to speed it up. I have a a dual processor G5 Power PC with 4.5 Gigs of Ram.
Thanks for your help in advance.
DickBelieve you want to filter the NULL values in the grid.if so, refer to the following post, hope it helps
http://social.technet.microsoft.com/Forums/sharepoint/en-US/23f6367e-17f1-4128-a2cd-bf946dc31414/spgridview-filtering-issues?forum=sharepointdevelopmentprevious
--Cheers -
ProtectLink Web Protect URL Filtering not working
Good day!
Please help.
We have a problem on our RV042 router.
The Protectlink WebProtect URL filtering is not working.
When we first activate the service (Nov. 12), it worked for a few days, then 2 days ago, our internet connection got problems. But yesterday, our ISP fix the problems on our internet connection, but the URL filtering of WebProtect is not working anymore even if it is enable, up to this time.
What should we do about this problem?
Thanks in advance for your kind replies!i have installed TMG 2010 and created url filtering rule for facebook.com but that problem
is ever after five minutes i can see that the users can access facebook. and then i check in TMG MMC so i can see that the Category Query says me that facebook.com is unknown....but just after five minutes i can see facebook has been automatically blocked
and i can also see in Category Query it says me facebook is in blog/wiki category...
so why it is changing automatically every after 5 or 10 minutes :( ?
where is the problem ???
i need your help please !! -
PIX515 URL filtering doen't work
Dear collegues,
I have one outside interface with global IP address 1.1.1.1 and two inside.
Both inside interfaces restrict and non_restrict have private IP addresses.
I tried to filter some URLs on PIX515 IOS 7.2, only on restrict interface but my filter does not work.
I can access prohibited URL from restrict interface.
Could you tell me what's wrong in my URL filtering?
Here is my config:
PIX Version 7.2(2)
hostname pixfirewall
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface Ethernet0
nameif outside
security-level 0
ip address 1.1.1.1 255.255.255.252
interface Ethernet1
nameif restrict
security-level 50
ip address 192.168.2.1 255.255.255.128
interface Ethernet2
nameif non_restrict
security-level 100
ip address 192.168.2.129 255.255.255.192
passwd 2KFQnbNIdI.2KYOU encrypted
regex domainlist1 "\.facebook\.com"
regex domainlist2 "\.twitter\.com"
regex domainlist3 "\.youtube\.com"
ftp mode passive
access-list inside_mpc extended permit tcp any any eq www
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
nat (restrict) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 1.1.1.1 1
class-map type regex match-any DomainBlockList
match regex domainlist1
match regex domainlist2
match regex domainlist3
class-map inspection_default
match default-inspection-traffic
class-map type inspect http match-all BlockDomainsClass
match request header host regex class DomainBlockList
class-map httptraffic
match access-list inside_mpc
policy-map type inspect http http_inspection_policy
parameters
protocol-violation action drop-connection log
class BlockDomainsClass
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
policy-map inside-policy
class httptraffic
inspect http http_inspection_policy
service-policy global_policy global
service-policy inside-policy interface restrict
endHi,
can you try inspecting http.
Regards.
Alain -
URL filtering replacing with web usage control
I come to know the URL filtering in ironport is replacing with the advanced web usage control. May i know from which version its introducing? Any upgradation procedure?
What are the changes will take place after the upgradation & what kind of functionality will be available with Web Usage Control.
Please clarify in detail.
Thanks in advance
SivaI don't remember when the web Usage controls was introduced... I'm going to guess 7.0?
To upgrade your box to the the current version, click on System Administration>System Upgrade. Click on the Available Upgrades and see what's available for your hardware. If nothing is there, contact your reseller.
Review the release notes for the version you want to upgrade to. http://www.cisco.com/en/US/products/ps10164/prod_release_notes_list.html
Select the version you want, check the box to save the config, you can also have it email you the config. Make sure to uncheck the "Mask passwords..." so that if you have to reload this config on something, it works properly.
There are a huge number of changes in how web usage control works, and the visibility it gives you into what apps users are using and how those applications work. Far to many to go into here. Look at this document:
Chapter 18. http://www.cisco.com/en/US/docs/security/wsa/wsa7.5/user_guide/WSA_7.5.0_UserGuide.pdfhttp://www.cisco.com/en/US/docs/security/wsa/wsa7.1/user_guide/Cisco_IronPort_AsyncOS_7.1.0_User_Guide_for_Web_Security_Appliances.pdf -
Hi All,
whenever I setup URL filtering in 1841 router with policy-map type http and zone-pair command, I experience 100% CPU spike. is there any workaround?
thanks for any suggestion
AlexDeep packet inspection for URL filtering is pretty much CPU intensive, I am afraid that without HW upgrade, there is nothing you can do about that.
Do you monitor CPU utilization with correlation to traffic load on device?
Best Regards
Please rate all helpful posts and close solved questions -
Url filtering Route policy Firewall ?
Hello,
I'd like to know if it's possible to make a route policy (based on an identity matched by url white list) that redirect http trafic to a firewall (Juniper SSG550M).
The objectif is to separate traffic depending on url request as professionnal and non professionnal traffic, but Juniper can't be used as Upstream Proxy because it can't be use as a proxy. So, is it possible to create 2 "Direct connection" routing policies and specify 2 différents gateway ?
Or, if you have any other idea to separate traffic depending on url, I take it !
Regards,
Romain.Hi Stella
AFAIK you can do URL filtering provided that you have a websense server installed at your site.
do refer this link for more info on the same..
http://www.cisco.com/en/US/partner/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008008d1f7.html
regds -
I have columns with null values, but in filter option I do not have the option (Empty) as standard in SharePoint Environment is.
protected void Page_Load(object sender, EventArgs e)
FillGrid();
private void FillGrid()
GridViewTest.DataBind();
public DataTable GetDataTable()
using (SPWeb sw = SPContext.Current.Web)
SPList sl = sw.Lists["CRTracking"];
DataTable ResTable = new DataTable();
ResTable.Columns.Add(new DataColumn("AppType"));
ResTable.Columns.Add(new DataColumn("CR no."));
foreach (SPListItem item in sl.Items)
DataRow dr = ResTable.NewRow();
dr["AppType"] = item["AppType"];
dr["CR no."] = item["CR no."];
ResTable.Rows.Add(dr);
return ResTable;
static ObjectDataSource odsDataSource = new ObjectDataSource();
protected void Page_Init(object sender, EventArgs e)
odsDataSource.ID = "odsDataSource";
odsDataSource.SelectMethod = "GetDataTable";
odsDataSource.TypeName = this.GetType().AssemblyQualifiedName;
odsDataSource.ObjectCreating += new ObjectDataSourceObjectEventHandler(odsDataSource_ObjectCreating);
odsDataSource.ObjectDisposing += new ObjectDataSourceDisposingEventHandler(odsDataSource_ObjectDisposing);
//odsDataSource.Filtering += new ObjectDataSourceFilteringEventHandler(GridViewTest_Filtering);
this.Controls.Add(odsDataSource);
GridViewTest.PagerTemplate = null;
GridViewTest.AllowFiltering = true;
GridViewTest.FilterDataFields = ",AppType,CR no.";
GridViewTest.FilteredDataSourcePropertyName = "FilterExpression";
GridViewTest.FilteredDataSourcePropertyFormat = "{1} = '{0}'";
private void odsDataSource_ObjectCreating(object sender, ObjectDataSourceEventArgs e)
e.ObjectInstance = this;
protected void odsDataSource_ObjectDisposing(object sender, ObjectDataSourceDisposingEventArgs e)
e.Cancel = true;
protected void GridViewTest_RowDataBound(object sender, GridViewRowEventArgs e)
if (sender == null || e.Row.RowType != DataControlRowType.Header)
return;
if (e.Row.RowType == DataControlRowType.Header)
SPGridView grid = sender as SPGridView;
if (String.IsNullOrEmpty(grid.FilterFieldName))
return;
// Show icon on filtered column
for (int i = 0; i < grid.Columns.Count; i++)
DataControlField field = grid.Columns[i];
if (field.SortExpression == grid.FilterFieldName)
Image filterIcon = new Image();
filterIcon.ImageUrl = "/_layouts/images/filter.gif";
filterIcon.Style[HtmlTextWriterStyle.MarginLeft] = "2px";
// If we simply add the image to the header cell it will
// be placed in front of the title, which is not how it
// looks in standard SharePoint. We fix this by the code
// below.
Literal headerText = new Literal();
headerText.Text = field.HeaderText;
PlaceHolder panel = new PlaceHolder();
panel.Controls.Add(headerText);
panel.Controls.Add(filterIcon);
e.Row.Cells[i].Controls.Add(panel);
break;
protected void GridViewTest_Sorting(object sender, GridViewSortEventArgs e)
if (ViewState["FilterExpression"] != null)
odsDataSource.FilterExpression = (string)ViewState["FilterExpression"];
if (ViewState["SortDirection"] != null && ViewState["SortExpression"] != null)
// We have an active sorting, so this need to be preserved
odsDataSource.SortParameterName = ViewState["SortExpression"].ToString();
//+ " " + ViewState["SortDirection"].ToString();
protected void GridViewTest_PageIndexChanging(object sender, GridViewPageEventArgs e)
GridViewTest.PageIndex = e.NewPageIndex;
GridViewTest.DataBind();
protected sealed override void LoadViewState(object savedState)
base.LoadViewState(savedState);
if (Context.Request.Form["__EVENTARGUMENT"] != null &&
Context.Request.Form["__EVENTARGUMENT"].EndsWith("__ClearFilter__"))
// Clear FilterExpression
ViewState["FilterExpression"] = null;
ViewState.Clear();
//ViewState.Remove("FilterExpression");
}Believe you want to filter the NULL values in the grid.if so, refer to the following post, hope it helps
http://social.technet.microsoft.com/Forums/sharepoint/en-US/23f6367e-17f1-4128-a2cd-bf946dc31414/spgridview-filtering-issues?forum=sharepointdevelopmentprevious
--Cheers -
So I've started to test the URL filtering capabilities on our C670s. So far I have found that there are quite a few false positives or incorrectly categorized web sites. Is there any mechanism in place to request a reclassification of a website?
JasonHi Robert,
Cisco Ironport is not having any phishing category.
https://securityhub.cisco.com/web/submit_urls
Using the above link, how we can report phishing URL.
many emails with phishing url.
FYI
Check the boxes and then assign a category:
Check
URL
Category
www.mirror.co.uk/news/uk-news/lottery-winner-give-away-26million-3967400
News
ithelpdeskservice.wix.com/service
Computers and Internet
mail.a4.3space.info
Computers and Internet
www.arabyonline.com
News
box1box1.wix.com
Computers and Internet
mypartners.netotrade.com
Business and Industry
--Sajid-- -
ASA5525-IPS-K9 web filtering issue?
Dear Team,
I bought a ASA5525-IPS-K9 and want to configure url filtering.
Please suggest Can I use ASA 5525-X CX AVC and Web Security Essentials license in this appliance.
Regards,
RajeshHi Sandeep,
Kindly have a look at the below mentioned link might be useful for you.
Configuring IPS
Regards,
Anim Saxena
Community Manager
*Do Rate Helpful Post* -
Hi,
I need to buy a firewall with some basic URL filtering. I only need to deny access to some URL and not using a service like Websense or something like that.
I would like to do this with an ISR, like 2800 family, because I don't need anti-x features but only basic firewalling, VPN, and Voice features.
The other option is to use ASA 5520, but I would like to make the simple URL filtering without the need to use CSC module.
Is there any way to to this?
Mario.There is no need to go for an ASA. A 2800 isr will do.
Refer the following url's for more details,
http://cisco.com/en/US/products/sw/iosswrel/ps5460/prod_bulletin09186a00801af451.html
http://cisco.com/en/US/products/ps6643/products_white_paper0900aecd804abb11.shtml
Maybe you are looking for
-
Spry 2.0 -- over state question
I am using the adobe widget browser for a horizontal spry menu for the first time and can't seem to get an over state to work. Can anyone post code to get this working? And is there a way to make the over states work when putting the menu in an inclu
-
Hi, I am scripting a backup of our printer queues using the printbrm.exe tool in Powershell on Windows Server 2008 R1. In my script, I execute the following command: PS> C:\Windows\System32\spool\tools\Printbrm.exe -s \\PRINTCLUSTER -b -f c:\scripts\
-
Will iOS 5 be available for the iPad 1 ???
I was just wondering if i could have the new iOS 5 on my iPad 1 when iOS 5 will come out this fall
-
J'aimerai avoir une sonnerie de téléphone, autre que les petites mélodies déja d'origine dans l'Iphone 4. Et pour cela, via l'application "réglage" j'ai acheté des musiques sur Itunes pour les utiliser. Or je ne trouve pas la fonction qui les met en
-
ThreadPoolRuntimeMBean missing information
I am trying to track some thread-related information via the JMX beans for Weblogic and it would appear that the ExecuteThread objects returned from the call ExecuteThreads is missing some information. From the Weblogic console (Environments->Server-