Chapter 43 Content Filtering
ZyWALL Series CLI Reference Guide
369
trust_hosts
The IP address or domain name of a trusted web site. Use a host name such as www.good-
site.com. Do not use the complete URL of the site – that is, do not include “http://”. All
subdomains are allowed. For example, entering “zyxel.com” also allows “www.zyxel.com”,
“partner.zyxel.com”, “press.zyxel.com”, etc. Use up to 63 case-insensitive characters (0-9a-
z-).
You can enter a single IP address in dotted decimal notation like 192.168.2.5.
You can enter a subnet by entering an IP address in dotted decimal notation followed by a
slash and the bit number of the subnet mask of an IP address. The range is 0 to 32.
To find the bit number, convert the subnet mask to binary and add all of the 1’s together.
Take “255.255.255.0” for example. 255 converts to eight 1’s in binary. There are three 255’s,
so add three eights together and you get the bit number (24).
An example is 192.168.2.1/24
You can enter an IP address range by entering the start and end IP addresses separated
by a hyphen, for example 192.168.2.5-192.168.2.23.
IPv6 support format like:
Single ip - 2001::1
Range format - 2001::1-2001::5
Prefix format - 2001::1/64
forbid_hosts
The IP address or domain name of a forbidden web site.
Use a host name such as www.bad-site.com into this text field. Do not use the complete
URL of the site – that is, do not include “http://”. All subdomains are also blocked. For
example, entering “bad-site.com” also blocks “www.bad-site.com”, “partner.bad-
site.com”, “press.bad-site.com”, etc. Use up to 63 case-insensitive characters (0-9a-z-).
You can enter a single IP address in dotted decimal notation like 192.168.2.5.
You can enter a subnet by entering an IP address in dotted decimal notation followed by a
slash and the bit number of the subnet mask of an IP address. The range is 0 to 32.
To find the bit number, convert the subnet mask to binary and add all of the 1’s together.
Take “255.255.255.0” for example. 255 converts to eight 1’s in binary. There are three 255’s,
so add three eights together and you get the bit number (24).
An example is 192.168.2.1/24
You can enter an IP address range by entering the start and end IP addresses separated
by a hyphen, for example 192.168.2.5-192.168.2.23.
IPv6 support format like:
Single ip - 2001::1
Range format - 2001::1-2001::5
Prefix format - 2001::1/64
keyword
A keyword or a numerical IP address to search URLs for and block access to if they contain
it. Use up to 63 case-insensitive characters (0-9a-zA-Z;/?:@&=+$\.-_!~*'()%,) in double
quotes. For example enter “Bad_Site” to block access to any web page that includes the
exact phrase “Bad_Site”. This does not block access to web pages that only include part of
the phrase (such as “Bad” in this example).
message
The message to display when a web site is blocked. Use up to 255 characters (0-9a-zA-Z;/
?:@&=+$\.-_!~*'()%,) in quotes. For example, “Access to this web page is not allowed.
Please contact the network administrator.”
Table 205 Content Filter Command Input Values (continued)
LABEL DESCRIPTION
To Next Page
Loading...
