How does one define the resource for this kind of filtering. Can you direct me to reading (preferably with samples) of creating such resources to match different kinds of traffic?
> -----Original Message----- > From: Mailing list for discussion of Firewall-1 [mailto:FW-1- > [EMAIL PROTECTED] On Behalf Of Bobby Tehranian > Sent: Thursday, January 08, 2004 1:03 AM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] HTTP Resources > > Create a user group and user id for those who need download access. Then > create a rule that reads as such > > [EMAIL PROTECTED] any destination service=http&ftp (or what ever you need) > action=client authentication. > Then, those users who need to download can telnet to <your firewall> on > port > 259 to authenticate. You could also configure the authentication through > a > web page. > Keep in mind that if your users are sharing a desktop, if one user > authenticates all will gain access. > > > On 1/7/04 3:23 PM, "Juan Andres Galavis" <[EMAIL PROTECTED]> > wrote: > > > Hello Gurus, > > > > I'm trying to configure http resources but can't really manage to > achieve > > what I need. > > > > Here is the big picture: > > I've got this rule: source->any destination->my_intenal_net > > service->http_resource action->accept > > My internal net can perfectly surf on the web, but they cannot download > any > > attachments or applications. This is Ok (it's great!) but some users > (not > > all) need to download attachments and applications. > > > > What I am trying to achieve is to permit web surfing but limit web > > downloading (attachments, applications, documents, etc.). Just specific > > users are authorized to download files from Internet. > > > > Please guide me with your knowledge to accomplish this task! Thanks in > > advance.... > > > > Saludos/Cheers, > > > > Juan Andr�s Galav�s > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
