Blue Coat Systems Time Clock Proxy SG 用户手册
ProxySG Content Policy Language Guide
210
request.filter_service( )
Controls whether the request is processed by an external content filter service. The ProxySG currently
supports Websense Enterprise Server external content filtering.
supports Websense Enterprise Server external content filtering.
Directing the request to an external content filter service does not affect policy based on categories
determined through an on-box vendor or CPL category definitions.
determined through an on-box vendor or CPL category definitions.
Categories determined by Websense Enterprise Server are not available to the
category=
condition,
although they appear in access logs. Effectively, all policy based on the Websense determined
categories must be implemented on the Websense server.
categories must be implemented on the Websense server.
Note:
This property might be overridden by the deprecated
content_filter_override(yes)
property.
Replaces:
content_filter_override(yes)
Syntax
request.filter_service(servicename[, fail_open|fail_closed])
request.filter_service(no)
The default values are
no
and fail_closed.
where:
•
servicename
—A configured external content filter service that supports request modification.
Currently only Websense Enterprise Server is supported. On upgrade, the service name
websense
websense
is automatically generated.
•
fail_open
—If
servicename
is unavailable, the request is processed and a response may be
delivered, subject to other policy.
•
fail_closed
—If the
servicename
is unavailable, the request is denied.
•
no
—Prevents the request from being sent from the ProxySG to the external content filter service.
Layer and Transaction Notes
•
Use in
<Cache>
and
<Proxy>
layers.
•
Applies to FTP and HTTP transactions.
Example
The following example directs requests to the Websense server, but allows processing to continue if
the service in unavailable:
the service in unavailable:
<proxy>
request_filter_service(websense, fail_open)
The following policy establishes a general rule that all request are processed by the external filter
service named
service named
filter
. It then specifies some exceptions to this general rule in a later layer:
<proxy> ; All request are content-filtered by default
request.filter_service( filter )
<proxy> request.filter_servce( no ) ; exceptions to content-filtering