Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] HTTP with resource

To: [email protected]
Subject: Re: [FW-1] HTTP with resource
From: Onie Camara <[email protected]>
Date: Thu, 21 Mar 2002 22:36:51 -0600
References: <BF8EB306059FA640A6FD65F289991ADB043D90E7@srvexarl01.acf.americredit.com>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Just a wild guess.

I usually see Content-Dispostion on mail headers specifically on the
attachment part. Maybe, you can be more specific on your websense rule so
that it doesn't trigger everything that it sees.

Like Content-Disposition-blah-......

----- Original Message -----
From: "Mills, Paul" <[email protected]>
To: <[email protected]>
Sent: Thursday, March 21, 2002 9:47 PM
Subject: Re: [FW-1] HTTP with resource


> I am also having an issue with Websense and VPN-1 4.1 SP5
> If a website has a really long URL or uses JavaScript, I receive an error
> message in the logs
> "reason Content-Disposition connections are not allowed"
>
> I tried experimenting with the Connection options (transparent, proxy &
> tunneling) to no avail.
>
> Websense doesn't know what's up and I've got Nokia and Checkpoint running
> around in circles on this problem.  I get this error message when I use
the
> Websense as the HTTP resource or "Wildcard" as the resource (as
recommended
> by Websense to narrow down the problem) with or without Client Auth (used
> for Authorized Internet Access)
>
> Since I have all the vendors stumped, anyone here have any suggestions?
>
> Paul Mills
> CheckPoint Certified (CCSA, CCSE)
> Senior Data Security Analyst-Firewall Group
>
>
> -----Original Message-----
> From: Jim Parker [mailto:[email protected]]
> Sent: Monday, March 18, 2002 10:37 AM
> To: [email protected]
> Subject: Re: [FW-1] HTTP with resource
>
>
> BTW
> 4.1 SP5
>
> ----- Original Message -----
> Subject: [FW-1] HTTP with resource
>
>
> > Is the following a bug, or a feature?
> >
> > I set up a rule, any - any - 'http with resource' - reject to filter
> blocked
> > URI's with websense.
> > I have 'transparent' checked but not 'proxy' as I don't want to use the
> > proxy feature.
> > The next rule allows http so that all sites accepted by websense db get
> > allowed through.
> >
> > When i set the firewall as my default gateway and open up a browser, and
> go
> > to playboy.com the page is blocked so the rule is working, I try
> google.com
> > and get out so ok - working.
> >
> > Now, if i set the fw port 80 as my proxy in the browser and try
> playboy.com
> > again I get straight out onto the net. bypassing websense because proxy
> > wasn't checked and therefore doesn't match the rule.
> >
> > Surely not checking 'proxy' should mean don't act as a proxy???
> >
> > Your thoughts gents.
> > JP
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
> >
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- Re: [FW-1] HTTP with resource
  - From: "Mills, Paul" <[email protected]>

Prev by Date: Re: [FW-1] HTTP with resource
Next by Date: Re: [FW-1] Need help with static destination NAT on Linux
Previous by thread: Re: [FW-1] HTTP with resource
Next by thread: [FW-1] Downloading the attachment in Yahoo/Hotmail
Index(es):
- Date
- Thread