Example: Configuring Content Filtering Feature Profiles (CLI)
After you create your custom objects, configure the content-filtering feature profile:
- Create the content-filtering profile. The following
example creates the confilter1 profile: user@host# set security utm feature-profile content-filtering profile confilter1
- Apply protocol block command custom objects
to the content-filtering profile. The following example applies the
ftpprotocom1protocol command list custom object to the confilter1
feature profile: user@host# set security utm feature-profile content-filtering profile confilter1 block-command ftpprotocom1
- Apply blocks to other available content.
The list of content types available from the “block-content-type”
command are only supported for HTTP blocking. The following example
applies blocks to java applets, executable files, and HTTP cookies: user@host# set security utm feature-profile content-filtering profile confilter1 block-content-type java-applet exe http-cookie
- Apply extension list custom objects to
the content-filtering profile for blocking extensions. The following
example applies the extlist2 custom object to the confilter1 content-filtering
profile: user@host# set security utm feature-profile content-filtering profile confilter1block-extension extlist2
- Apply MIME pattern list custom objects
to the content-filtering profile for blocking MIME types. If configured,
you can also apply a MIME exception list. The following example applies
the cfmime1 and ex-cfmime1 lists to the confilter1 profile: user@host# set security utm feature-profile content-filtering profile confilter1 block-mime list cfmime1 exception ex-cfmime1
- Apply protocol permit command custom
objects to the content-filtering profile. (The permit protocol command
list is intended to act as an exception list for the block protocol
command list.) The following example applies the ftpprotocom2 protocol
permit command custom object to the confilter1 profile: user@host# set security utm feature-profile content-filtering profile confilter1 permit-command ftpprotocom2
Note: Protocol command lists, both permit and block, are created by using the same custom object.
- Configure the notification options. You can configure
notifications with custom messages or specify that no notifications
be sent. In this example, you configure a custom message and send
a notification message: user@host# set security utm feature-profile content-filtering profile confilter1 notification-options custom-message “the action is not taken” notify-mail-sender type message
Related Topics
JUNOS Software Feature Support Reference for SRX Series and J Series Devices