Wow! Since there were so many requests, here's the solution. And to give credit where
it's due: I found this in the Nokia knowledgebase, available to all Nokia IP Product
users!
.....
2. If you do not have a CVP server, you can do it with a URI resource object with a
match specification of type wildcards. Use the Resource Manager to create a new URI.
Call it "RA-deny".
The URI Definition window would have the following in the "Match" tab:
Schemes: HTTP
Methods: GET
Host: *
Path: {*/*.{ra,rm,ram},*.{ra,rm,ram}}
Query: *
Create a rule that uses RA-deny.:
Internal-Net Any http->ra-deny Reject Long
The extension list in the PATH statement can be expanded, just add mp3 or whatever.
Hope that helps everybody
Cheers
Ralf G.
Techem
Network Security Admin.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
