![]() ![]() I disabled the IPS Rule altogether and this IP does not appear in the IPS denied log. I just want to wildcard domains and even IPs that should bypass AV scanning. My question is, does the regex above even work? Are the regex exceptions in the right place to exclude scanning even though I am not scanning https? This seems like it is harder than it should be. I also have an exception for all direct IP. This is the policy that has HTTP scanning enabled along with the exception regex from above. i.P.l.t.ĭate= Time=19:06:43 log_id=0102021 log_type=Firewall log_component= Invalid_Traffic log_subtype= Denied log_status=N/A log_priority= Alert duration=N/A in_dev=PortA out_dev= inzone_id=0 outzone_id=0 source_mac=*******dest_mac=*******_protocol=IP source_ip=192.168.0.150 dest_ip=24.105.29.23 l4_protocol=TCP source_port=7874 dest_port=80 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_ classid=4049079546425638912 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=0 masterid=0 status=0 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |