Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 2057 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web filtering exceptions

hypervfan
I got web filters limiting allowed domains hard. But I need an exception so I can get TeamViewer to work. I see this being blocked in the filtering log:
2014:11:27-15:34:54 icesophos httpproxy[17901]: id="0060" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden category detected" action="block" method="GET" srcip="192.168.1.90" dstip="" user="" ad_domain="" statuscode="403" cached="0" profile="REF_HttProContaInterNetwo (Internet PC)" filteraction="REF_ACC_GBL_89a0adae62514da8a0c0a28566302bdf2bdf (Internet PC)" size="3289" request="0x914add8" url="217.146.14.4/din.aspx

This comes up with different IP's and different categories, so I was thinking that a filter exception allowing all url's containing something like "din.aspx?s=00000000&client=DynGate&rnd" would be accepted.

Will this be possible, and if so how do I write the corrrect exception url?


This thread was automatically locked due to age.
  • 0
    The danger of that approach is that it's the equivalent of beginning the REGEX with '.*' (anything of any length) instead of '^' (starts with).

    '\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b' will match 0.0.0.0-999.999.999.999; more than we need to allow, but enough to let us create a "normal" Exception for:

    ^https?://\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/din.aspx?s=00000000&client=DynGate&rnd


    Did that work for you?

    Cheers - Bob
  • 0
    Thanks for the reply, will check it tomorrow and report back how it works out