File Format and Rules > IP Address Profiles:

Filtering profiles can be customized to allow/deny users access to library categories, or warn users prior to accessing a requested URL, redirect users to the Authentication Request Form or another URL instead of having the standard block page display, and enable any of the following filter options: X Strikes Blocking feature, Google/Bing/Yahoo!/Youtube/Ask/AOL Safe Search Enforcement, Search Engine Keyword Filter Control, and/or URL Keyword Filter Control with/without the Extend URL Keyword Filter Control option. Quotas can be included in order to designate the amount of time a user can access specified library categories.

Each filtering profile should be entered on a separate line. Filter options should be included at the end of the profile string, followed by quotas, if the filtering profile is using quotas.

Filter Option Codes
• 0x1 = Exception URL Query (this feature is always enabled for IP profiles)
• 0x2 = X Strikes Blocking
• 0x4 = Google/Bing/Yahoo!/Youtube/Ask/AOL Safe Search Enforcement
• 0x100 = Search Engine Keyword
• 0x200 = URL Keyword
• 0x1000 = Extend URL Keyword Filter Control

NOTE: To enable multiple filter codes, add the codes together. For example, to enable all features for an IP profile, add 1 + 2 + 4 + 100 + 200 + 1000 = 1307, which means that 0x1307 should be added at the end of the profile string. To disable all filter codes for an IP profile, enter 0x1 at the end of the profile string.

Quota Format
To include quotas in a profile string, use this format: A semicolon ( ; ), Overall Quota minutes, a comma ( , ), the first library category code, a colon ( : ), the number of quota minutes, and a comma between each quota. For example: ;20, LCOMM:15, COMORG:15

NOTE: A zero ( 0 ) Overall Quota indicates the Overall Quota is not being used in the profile.

Top

Category Command Codes
Category command codes must be entered in the following order: J, R, M, I. “PASSED” should either be entered after J, R, or M, or after a string of category codes following J, R, or M.

J = Positioned before the category/categories defined as "always allowed."
R = Positioned before the category/categories defined as "blocked."
M = Positioned before the category/categories defined as containing URLs potentially against the organization’s policies, and accompanied by a warning message.
I = Positioned at the end of a profile string, indicating that all other categories should “pass.”
PASSED = When positioned at the end of a string of categories or after a category command code, this code indicates that unidentified categories will follow suit with categories defined by that code: J (pass), R (block), or M (receive warning message).

Top

Master IP Address Profile Format (Web Filter software version 5.x.xx)

The syntax of the file uploaded to the master IP group should be as follows:
• <name>, <IP or IP Mask or IP range>, <rule>{, <redirect URL>, <filtering options>}{; <quota string>}
• <name>, <IP or IP Mask or IP range>, <Port filtering definition>, <Category filtering definition>, <flag for traffic bypass/filter/block>{, <redirect URL>, <filtering options>}{; <quota string>}

Examples:
• IP Mask Format:
admin,100.150.11.5/24,Rule0,1,auth,0x1

• IP Range Format:
acct,10.10.10.3-10.10.10.5,Rule0, ,0x300

• IP Address with Quota:
rreynolds,150.100.30.2,A,J FINAN R EXART PASSED M BUGS I,1, ,0x4;0, EMPL:30, FINAN:30, GENBUS:30, TRADING:30, ESTATE:30

Master IP Profile Examples with Filter Options (Web Filter software version 5.x.xx)

• If all features are enabled:

tjones,100.10.160.136/32, A ,J HUMOR R ART KDPORN M GPORN I , 1, , 0x307

• If only Google/Bing/Yahoo!/Youtube/Ask/AOL Safe Search Enforcement is enabled:

jsmith,100.10.160.142/32,A ,J ART R COMICS M I,1,auth,0x5

• If only Search Engine Keyword is enabled:

pjohnson,100.10.160.9/32,Rule1, ,0x101

• If only X Strikes Blocking and URL Keyword Filtering are enabled:

ssnetsinger,100.10.160.138/32,J R GENTER GGAMES M EXART RELOPN I, auth,0x203

• If all options are disabled:

ajones,100.10.160.40/32,Rule5, http://www.logo.com/block.html, 0x1

Top

Master IP / MAC Address Profile Format (Web Filter software version 4.x.xx)

The syntax of the file uploaded to the master IP group should be as follows:
• <name>, <IP or IP Mask or IP range or MAC>, <rule>{, <redirect URL>, <filtering options>}{; <quota string>}
• <name>, <IP or IP Mask or IP range or MAC>, <Port filtering definition>, <Category filtering definition>, <flag for traffic bypass/filter/block>{, <redirect URL>, <filtering options>}{; <quota string>}

Examples:
• IP Mask Format:
admin,100.150.11.5/24,Rule0,1,auth,0x1

• IP Range Format:
acct,10.10.10.3-10.10.10.5,Rule0, ,0x300

• IP Address with MAC Address Format:
rreynolds,150.100.30.2,A,J FINAN R EXART PASSED M BUGS I,1, ,0x4
rreynolds,00:04:21:AF:33:E1,A,J FINAN R EXART PASSED M BUGS I,1, ,0x200

• IP Address with Quota:
rreynolds,150.100.30.2,A,J FINAN R EXART PASSED M BUGS I,1, ,0x4;0, EMPL:30, FINAN:30, GENBUS:30, TRADING:30, ESTATE:30

Master IP / MAC Address Profile Examples with Filter Options (Web Filter software version 4.x.xx)

• If all features are enabled:

tjones,100.10.160.136/32, A ,J HUMOR R ART KDPORN M GPORN I , 1, , 0x307

• If only Google/Bing/Yahoo!/Youtube/Ask/AOL Safe Search Enforcement is enabled:

jsmith,100.10.160.142/32,A ,J ART R COMICS M I,1,auth,0x5

• If only Search Engine Keyword is enabled:

pjohnson,100.10.160.9/32,Rule1, ,0x101

• MAC Address Format, if only X Strikes Blocking and URL Keyword Filtering are enabled:

ssnetsinger,00:03:12:AE:25:C3,J R GENTER GGAMES M EXART RELOPN I, auth,0x203

• If all options are disabled:

ajones,100.10.160.40/32,Rule5, http://www.logo.com/block.html, 0x1

Top

Related Topics:

• Categories
• Ports
• Filter Mode
• Redirect URL
• Quota
• URL Format Rules
• LDAP Format
• LDAP Username Format

Back | Top