The firewall includes the ability to block access to specific web URLs based on keyword matches. This can allow large numbers of URLs to be blocked by specifying only a small number of keywords.
To use URL blocking, a set of keywords, actions, and time-of-day/day-of-week
specifications must be entered in the URL Block Setup Screen. The actions are
either `Block' or `Allow', depending on whether matching URLs should be
accessible or not. The first matching entry found for a URL will determine
the action to take.
A leading caret (^) can be used to force a prefix match,
while a trailing dollar sign ($) can be used to force a suffix match.
URL blocking for outbound requests (from inside users to outside web servers) works only with proxy HTTP access, not transparent access; however, the firewall will use a special kernel modification to make access appear transparent if an HTTP gateway is configured rather than a proxy. In this case, URL blocking will only be done for accesses to web servers on port 80, so it is recommended that you rather explicitly configure web access to be via a proxy if you want to use URL blocking.
URL blocking for inbound requests (frmo outside users to web servers inside the fierwall) also works. There is only one list of URL blocks, which is used for both inbound and outbound requests.
![\includegraphics[width=14cm,height=10cm]{urlblock.ps}](img64.png)