Wizards > Application Firewall Wizard
SonicOS 5.8.1 Administrator Guide
Step 7 The screen displayed here will vary depending on your choice of policy rule in the previous step.
For the following policy rules, the wizard displays the Set Application Firewall Object Content
screen on which you can select the traffic direction to scan, and the content or keywords to
match.
• All SMTP policy rule types except Specify maximum email size
• All POP3 policy rule types
• All Web Access policy rule types
• All FTP policy types except Make all FTP access read-only and Disallow usage of SITE
command
In the Set Application Firewall Object Content screen, perform the following steps:
• In the Direction drop-down list, select the traffic direction to scan: Incoming, Outgoing, or Both.
• Do one of the following:
– In the Content text box, type or paste a text or hexadecimal representation of the
content to match, and then click Add. Repeat until all content is added to the List text
box.
– To import keywords from a predefined text file that contains a list of content values, one
per line, click Load From File.
Note If you selected a choice with the words "except the ones specified" in the
previous step, content that you enter here will be the only content that does not
cause the action to occur. See “Negative Matching” on page 639.
• Click Next.
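The effect of the direction setting and of the negative-matching note above can be modeled in a few lines. This is an added illustration, not SonicOS code or part of the guide; the class and function names, the sample values, and the case-insensitive substring comparison are assumptions made for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ContentObject:
    """Illustrative model of the wizard's choices (hypothetical, not SonicOS)."""
    direction: str           # "Incoming", "Outgoing", or "Both"
    values: tuple            # entries typed in Content or loaded from a file
    negative: bool = False   # True for "except the ones specified" rules

def load_values(text):
    """Parse keyword-file text: one content value per line, blanks skipped."""
    return tuple(line.strip() for line in text.splitlines() if line.strip())

def action_fires(obj, direction, payload):
    """Return True when the policy action would apply to this traffic."""
    if direction not in ("Incoming", "Outgoing"):
        raise ValueError("traffic is either Incoming or Outgoing")
    if obj.direction not in ("Incoming", "Outgoing", "Both"):
        raise ValueError("unknown Direction setting")
    if obj.direction != "Both" and obj.direction != direction:
        return False         # this direction is not scanned at all
    # Assumption: case-insensitive substring comparison.
    hit = any(v.lower() in payload.lower() for v in obj.values)
    # Negative matching inverts the result: the listed content is the
    # only content that does NOT cause the action to occur.
    return (not hit) if obj.negative else hit

# Constructed sample data, for illustration only.
KEYWORD_FILE = "exe\nvbs\n\nscr\n"
positive = ContentObject("Incoming", load_values(KEYWORD_FILE))
negative = ContentObject("Incoming", ("pdf", "txt"), negative=True)
# A misspelled entry in a negative list: the intended value no longer
# matches, so the action now fires on the traffic meant to be exempt.
typo = ContentObject("Both", ("pfd",), negative=True)

if __name__ == "__main__":
    for name, obj in (("positive", positive), ("negative", negative), ("typo", typo)):
        for payload in ("setup.exe", "report.pdf"):
            print(name, payload, action_fires(obj, "Incoming", payload))
```

With a negative rule the list behaves as an allowlist, so review it as carefully as a block list: a missing or misspelled entry widens what the action applies to rather than narrowing it.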
If you selected a policy type in the previous step that did not result in the Set Application
Firewall Object Content screen with the standard options, the wizard displays a screen that
allows you to select the traffic direction, and certain other choices depending on the policy type.
• In the Direction drop-down list, select the traffic direction to scan.
• SMTP: In the Set Maximum Email Size screen, in the Maximum Email Size text box, enter
the maximum number of bytes for an email message.
• Web Access: In the special-case Set Application Firewall Object Content screen, the
Content text box has a drop-down list with a limited number of choices, and no Load From
File button is available. Select a browser from the drop-down list.
• FTP: In the special-case Set Application Firewall Object Content screen, you can only
select the traffic direction to scan.
• Click Next.
Step 8 In the Application Firewall Action Type screen, select the action to take when matching content
is found in the specified type of network traffic, and then click Next.
You will see one or more of the following choices depending on the policy type, which is shown
in parentheses here for reference:
• Blocking Action - block and send custom email reply (SMTP)
• Blocking Action - block without sending email reply (SMTP)
• Blocking Action - disable attachment and add custom text (POP3)
• Blocking Action - custom block page (Web Access)
• Blocking Action - redirect to new location (Web Access)