Chapter 40 Reputation Filter
ZyWALL Series CLI Reference Guide
333
show anti-botnet signatures
version
Displays the signature set version number currently used by the Zyxel
Device. This number gets larger as new signatures are added.
show anti-botnet status
Displays the action and log settings for the URL Threat Filter service.
show security-service
status
Displays whether security services such as anti-malware are enabled on
the Zyxel Device.
show threat-website status
Displays the action, log, message and category settings for the URL Threat
Filter service.
show threat-website
{trust|forbid}
Displays the current URL Threat Filter white list (trust) or black list (forbid).
[no] threat-website action
{block | log | pass | warn}
Sets what action the Zyxel Device takes when it detects a connection
attempt to or from the web pages of the specified categories.
block: The Zyxel Device blocks access to the web pages that match the
categories that you specified.
log: The Zyxel Device creates a log when it detects a connection attempt
to or from the web pages of the specified categories.
warn: The Zyxel Device displays a warning message to the access
requesters for the web pages before allowing users to access web pages
that match the categories that you specified.
pass: The Zyxel Device allows access to the web pages that match the
categories that you specified.
[no] threat-website block
message message
Sets a message to be displayed when the URL Threat Filter blocks access to
a web page.
message: Use up to 127 characters (0-9a-zA-Z;/?:@&=+$\.-_!~*'()%,”). For
example, “Access to this web page is not allowed. Please contact the
network administrator”.
[no] threat-website block
redirect url
Sets the URL of the web page to which you want to send users when their
web access is blocked by the URL Threat Filter. The web page you specify
here opens in a new frame below the denied access message.
url: Use “http://” or “https://” followed by up to 262 characters (0-9a-zA-
Z;/?:@&=+$\.-_!~*'()%). For example, http://192.168.1.17/blocked access.
[no] threat-website
category {anonymizers |
browser-exploits | botnets
| compromised | malicious-
downloads | malicious-sites
| malware | phishing |
phishing-fraud | spam-sites
| spam-urls | spyware-
adware-keyloggers}
The Zyxel Device blocks the specified web page categories. The no
command unblocks the specified category.
For compatibility, legacy categories are still included as options and map
to the following new categories:
• phishing-fraud -> phishing
• spam-sites -> spam-urls
• compromised, malware, botnets -> malicious-sites
threat-website {trust |
forbid}
Enters sub command mode, where you can add or remove web site
entries in the white list (trust) or black list (forbid).
Table 180 URL Threat Filter Commands (continued)
COMMAND DESCRIPTION
To Next Page
Loading...
