Configuring HTTP/FTP Control

This section describes how to configure the HTTP/FTP control function. Based on the conditions of users, schedules, applications, the administrators can create proper HTTP/FTP rules. And the system will deal with the matched traffic according to the configurations.

Creating a HTTP/FTP Control Rule

To create a HTTP/FTP control rule, take the following steps:

  1. On the Navigation pane, click Configure > Content > HTTP/FTP Control to visit the HTTP/FTP Control page.
  2. Click New.
  3. In the HTTP/FTP Control Rule Configuration dialog, type the name of the rule into the Name box.
  4. Under Match Conditions, specify the conditions for the rule. The conditions include destination zone, user, and schedule.
    Item Description
    Dst zone Specifies the destination zone for the rule.
    User

    Specifies the user for the rule. It can be address entry, IP address, IP range, role, user, or user group. The default user is Any, which means all users. Click Choose to configure the user condition.

    1. Specify the user type in the Type option. It can be one the following types: Src address or User. Choose the option button of the wanted type and finish the related settings.
      • Src address: Use the Src address type. The member of it can be address entry, IP, and IP range. If Address entry is selected, from the Address entry drop-down list, select the address entry you want or click New addressbook to create a new address entry in the Address Entry Configuration dialog; if IP is selected, type the IP address and netmask into the IP address box; If IP range is selected, type the IP range in the IP range box.
      • User: Use the User type. The member of it can be role, user, and user group. From the User type drop-down list, select the type you want. If Role is selected, from the Role drop-down list, select the role you want; if User is selected, from the AAA server drop-down list, select the user name you want; if User group is selected, from the AAA server drop-down list, select the AAA server you want, and from the Group drop-down list, select the group you want.
    2. Click Add to add the configured users into the system. And the added users will be shown in the list below. To delete a user, select the user from the list, and then click Delete.
    3. Click OK to save the settings
    Schedule

    Specifies the schedule of the rule. The rule will take effect in the period defined by the schedule. By default, no schedule is specified, and the rule is available all the time. Click Choose to select schedules in the Schedule dialog. Select the check boxes of the wanted schedules in the list or create new schedules by click New. For more information about schedules, see Configuring Schedules.
  5. Under Action, specify the control contents (FTP control, HTTP control and HTTP download block) and actions (block, permit, and log).
    Control contents Description
    FTP

    Controls the FTP methods, including Login, Get, and Put. Expand FTP, and configure the FTP control options.

    1. From the first drop-down list, select the method to be controlled, it can be GET, PUT, or Login.
    2. Type the file name (for the method of GET or PUT) or user name (for the method of Login) into the next box.
    3. From the second drop-down list, select the action. It can be Block or Permit.
    4. From the third drop-down list, specify whether to record the log messages.
    5. Click Add.
    6. Repeat 1 to 5 to add more control items. To edit/delete the control item, select an item from the list, and then click Edit/Delete.
    HTTP

    Controls the HTTP methods, including Connect, GET, PUT, Head, Options, Post, Trace, and Delete. Expand HTTP, and configure the HTTP control options.

    1. From the first drop-down list, select the method to be controlled, it can be Connect, GET, PUT, Head, Options, Post, Trace, or Delete.
    2. Type the domain name into the next box.
    3. From the second drop-down list, select the action. It can be Block or Permit.
    4. From the third drop-down list, specify whether to record the log messages.
    5. Click Add.
    6. Repeat 1 to 5 to add more control items. To edit/delete the control item, select an item from the list, and then click Edit/Delete.
    Block HTTP download

    Blocks the download of HTTP binary files, ActiveX, and Java Applet. Expand Block HTTP download, and select the check boxes of the file types to be blocked.
  6. Click OK to save the settings.

If necessary, you can go on to configure the functions of Warning Page, Bypass Domain, and User Exception.

Notes:

Editing a HTTP/FTP Control Rule

To edit a HTTP/FTP control rule, take the following steps:

  1. On the Navigation pane, click Configure > Content > HTTP/FTP Control to visit the HTTP/FTP Control page.
  2. Select the rule you want to edit and click Edit.
  3. In the HTTP/FTP Control Rule Configuration dialog, modify according to your need.

Deleting a HTTP/FTP Control Rule

To delete a HTTP/FTP rule, take the following steps:

  1. On the Navigation pane, click Configure > Content > HTTP/FTP Control to visit the HTTP/FTP Control page.
  2. Select the rule you want to delete from the list and click Delete.

Enabling/Disabling a HTTP/FTP Control Rule

By default, the HTTP/FTP control rule will take effect as soon as it is created. You can make the rule unavailable to the traffic by disabling it.

To enable/disable a HTTP/FTP control rule, take the following steps:

  1. On the Navigation pane, click Configure > Content > HTTP/FTP Control to visit the HTTP/FTP Control page.
  2. Select the rule you want to enable/disable from the list and click Enable/Disable.

Adjusting the Priority of a HTTP/FTP Control Rule

The system takes the first-hit-first-serve method for the rules. And for the position of the rules, the upper it is, the higher the priority is. If two rules have the same conditions, the rule with higher priority will be matched. You can adjust the priority of the rules by moving their positions.

Adjusting the priority of a rule, take the following steps:

  1. On the Navigation pane, click Configure > Content > HTTP/FTP Control to visit the HTTP/FTP Control page.
  2. Click Priority.
  3. In the Adjust Priority dialog, select a rule and then click the buttons on the right to move the rule.
    Item Description
    Up Move up one position.
    Down Move down one position.
    Top Move to the top.
    Bottom Move to the bottom.
  4. Click OK to save the changes.

Viewing Details of a HTTP/FTP Control Rule

To view details of a HTTP/FTP Control rule, take the following steps:

  1. On the Navigation pane, click Configure > Content > HTTP/FTP Control to visit the HTTP/FTP Control page.
  2. In the rule list, click the name of the rule, and you can get the detailed information of the rule in the Details dialog.