A
PPENDIX
D: P
ROFILE
F
ORMAT
AND
R
ULES
F
ILE
F
ORMAT
: R
ULES
AND
E
XAMPLES
M86 S
ECURITY
U
SER
G
UIDE
265
Pornography and Pornography/Adult Content, Warn on
Uncategorized URLs, and Pass all other categories, use
filter mode 1, use redirect URL http://www.cnn.com in
place of the standard block
page, no filter options
enabled.
•
profile for a workstation named “WIN2000-79AHM”,
organizational unit “Domain Controllers”, domain “logo”,
DNS suffix “.net”: Block all ports, use minimum filtering
level, use filter mode 1, use standard block page, enable
all filter options.
User profile list format
Here are examples of user profile entries in an ldapuserpro-
file.conf file:
CN=Jane Doe, CN=Users, DC=qc, DC=local; R 21 A, J
R KDPORN GPORN M PASSED I,1, , 0x1
CN=Public\, Joe Q., OU=Users, OU=Sales, DC=qc,
DC=local; Rule0, , 0x1306
NOTE
: The DN format must contain the username and user
group "CN" ("common name") attribute type, and the domain and
DNS suffix "DC" ("domain component") attribute type. The "OU"
("organizational unit") attribute type also can be included. Each
attribute type should be followed by an equals sign (=), and sepa-
rated by a comma (,).
When translated, these strings of code mean:
•
profile for a user with username “Jane Doe”, user group
“Users”, domain “qc”, DNS suffix “.local”: Block port 21
and Filter all other ports, Block Child Pornography and
Pornography/Adult Content, Warn on Uncategorized
URLs, and Pass all other categories, use filter mode 1,
use redirect URL http://www.cnn.com in place of the
standard block
page, no filter options enabled.