« previous next »
Pages: [1]   Go Down

Author Topic: Appplication Firewall CLI  (Read 3114 times)

Offline evildani

  • Administrator
  • Hero Member
  • *****
  • Posts: 373
  • Karma: 22
Appplication Firewall CLI
« on: January 09, 2008, 05:11:12 AM »
I am posting the CLI tree. all posibilities for creating and enabilig, this might be usefull or not.

add appfw profile <name> -defaults {basic | advanced }
add appfw policy <name> <rule> <profileName>
bind appfw global <policy> <priority>
> set appfw profile <name>
        -startURLAction <startURLAction>
         { none | block | learn | log  stats }
        -startURLClosure ( ON | OFF )
        -denyURLAction <denyURLAction>
         { none | block | learn | log  stats }
        -cookieConsistencyAction <cookieConsistencyAction>
         { none | block | learn | log  stats }
        -fieldConsistencyAction <fieldConsistencyAction>
         { none | block | learn | log  stats }
        -crossSiteScriptingAction <crossSiteScriptingAction>
         { none | block | learn | log  stats }
        -crossSiteScriptingTransformUnsafeHTML ( ON | OFF )
        -crossSiteScriptingCheckCompleteURLs ( ON | OFF )
        -SQLInjectionAction <SQLInjectionAction>
         { none | block | learn | log  stats }
        -SQLInjectionTransformSpecialChars ( ON | OFF )
        -SQLInjectionOnlyCheckFieldsWithSQLChars ( ON | OFF )
        -fieldFormatAction <fieldFormatAction>
         { none | block | learn | log  stats }
        -defaultFieldFormatType <string>
        -defaultFieldFormatMinLength <positive_integer>
        -defaultFieldFormatMaxLength <positive_integer>
        -bufferOverflowAction <bufferOverflowAction>
         { none | block | learn | log  stats }
        -bufferOverflowMaxURLLength <positive_integer>
        -bufferOverflowMaxHeaderLength <positive_integer>
        -bufferOverflowMaxCookieLength <positive_integer>
        -creditCardAction <creditCardAction>
         { none | block | learn | log  stats }
        -creditCard <creditCard>
              { visa | mastercard | discover | amex | jcb | dinersclub }
        -creditCardMaxAllowed <positive_integer>
        -creditCardXOut ( ON | OFF )
        -errorURL <expression> puede ser una regex o un string
        -stripComments ( ON | OFF )
        -defaultCharSet <string>

One mistake I have detected is in the errorUrl param, int the CLI it receives a expression, i.e: ^http://www.netscalerkb.com$
Yet on the GUI it recieves a string, i.e: "http://www.netscalerkb.com"
I dont know which one is the correct value.

Later

On a sidenote, I am presenting the certification exam for appfw friday...

Logged

Offline jmelika

  • Administrator
  • Hero Member
  • *****
  • Posts: 339
  • Karma: 7
Re: Appplication Firewall CLI
« Reply #1 on: January 11, 2008, 05:48:00 AM »
Good luck on your exam!  Let us know how it went  ;D
Logged

Offline evildani

  • Administrator
  • Hero Member
  • *****
  • Posts: 373
  • Karma: 22
Re: Appplication Firewall CLI
« Reply #2 on: January 13, 2008, 01:33:13 AM »
I passed, yet not very proud of the final grade. I guess I will retake it in the following months.
Logged

Offline jmelika

  • Administrator
  • Hero Member
  • *****
  • Posts: 339
  • Karma: 7
Re: Appplication Firewall CLI
« Reply #3 on: January 14, 2008, 02:45:48 AM »
Well congratulations!
Logged
Pages: [1]   Go Up
« previous next »