break HTTPS Domain Filter for HTTPS traffic

PeterUK Posts: 1,383  Guru Member
edited August 4 in Security

Zywall 110 V4.72(AAAA.0)ITS-22WK28-r104687

I seem to have found a way to break HTTPS Domain Filter for HTTPS traffic when editing the ZyWALL 110 content filter, with a reboot needed to fix it.

So here's what I'm doing. The HTTPS Domain Filter for HTTPS traffic is broken (not sure how yet, I hope I can make it happen again). I have a profile grc3 with, on the Custom Service tab, Enable Custom Service and Check Common Trusted/Forbidden List checked; in Forbidden Web Sites I have *.grc*.com; then in policy control a top rule with grc3 for HTTP and HTTPS traffic.

I can get to GRC.com! So changing nothing I reboot and NOW GRC.com is blocked so...time to brake it!

I go to the policy control, uncheck content filter, set it to none and OK.

Go to content filter, remove grc3.

Add a new profile named grc4, go to the Custom Service tab, check Enable Custom Service and Check Common Trusted/Forbidden List, and in Forbidden Web Sites I have *.grc*.com. Go back to policy control to add grc4: grc does not load. Uncheck content filter grc4: can get to grc.com. Re-enable: can't get to grc.com....ok. Remove the policy control rule and add it back in: grc blocked. Disable/enable HTTPS Domain Filter for HTTPS traffic: still blocked. Removed *.grc*.com, test grc: it loads. Add grc.com in Forbidden Web Sites: grc loads... Remove grc.com, add *.grc*.com and YES grc loads. So changing nothing, reboot and... NOW HTTPS Domain Filter for HTTPS traffic works.


All Replies

  • smb_corp_user
    smb_corp_user Posts: 13  Freshman Member
    Sorry for nitpicking, please use the spelling "break" instead of "brake" when saying that something has stopped working. The word "brake" means to slow down, like using the brakes in your car or other vehicle. Use "break" to mean that something gets destroyed. (Thank you in advance.)
  • I think it could be browser cache or content filter cache. You may use an incognito browser, and clear TCP sessions and the CF cache before tests.
    Router#debug conntrack flush    //clear TCP sessions
    Router(config)#content filter cf-queue flush   //clear Content filter cache
