Настройка Kerio WinRoute Firewall 6.0

       

Предопределенные правила FTP


Перейдите в раздел Configuration / Content Filtering / FTP Policy для настройки ограничений FTP. Следующие правила являются предопределенными и могут быть использованы для всех оговоренных ограничений.

Forbid resume due antivirus scanning

This rule denies resuming interrupted data transfer (e.g. caused by a network error). If files transmitted by FTP are scanned, it is recommended to enable this rule (files transmitted “in pieces” cannot be reliably scanned).

Forbid upload

Deny storing data at FTP servers — this rule is already defined and it is satisfactory to switch it on if you intend to use it.

Forbid *.mpg, *.mp3 and *.mpeg files

This option denies transmission of sound files of the listed formats. This rule is already available and it can be enabled easily.

Forbid *.avi files

This rule will deny transmission of video files. Enable this rule, use the Edit button to open the appropriate dialog and define the Labor time time range in the Advanced tab.

Warning:

The FTP policy refers to all FTP traffic that is processed by the FTP protocol inspector.

In the following example, we intend to enable the local FTP server from the Internet. The Forbid upload rule denies even upload to this server which is not always desirable. For this reason we must add a rule that would enable upload to this server before the Forbid upload rule.

Notes:

  1. The IP address of the host where the appropriate FTP service is running must be used to define the FTP server's IP address. It is not possible to use only the firewall's external IP address from which the FTP server is mapped (IP translation is performed before content filtering rules are applied)!

  2. The same method can be applied to enable upload to a particular FTP server in the Internet whereas upload to other FTP servers will be forbidden.

Назад Вверх Вперед
2.8. Определение Web-правил  Оглавление  2.10. Настройка антивирусного сканирования



Содержание раздела