Setting Up a URL-Based Rule

URL-based access rules apply to users accessing Web content through the HTTP proxy or the Novell IP Gateway. If you enabled the HTTP proxy for all private interfaces during the installation, the simplest way to allow users to access the HTTP proxy is to create a rule that allows any source on the private network to access any destination.

To create an access rule for a URL:

  1. In NetWare® Administrator, right-click the object where the access rules are to be created and select Details.

    2.

  2. Select the Novell BorderManager 3.7 Access Rules page and click Add.

    3.

  3. In the Access Rule Definition page, specify Allow (the default) for Action.

  4. For Access Type, select URL.

    5.

  5. Under Source, specify Any to apply the rule to all NDS® or Novell eDirectoryTM objects, Domain Name System (DNS) hostnames, IP addresses, and subnets. Otherwise, select users, groups, or hosts as follows:

    1. Click Specified, then click Browse.

      2.

    2. Specify an NDS or eDirectory object, a DNS hostname, an IP address or range of addresses, or a subnet, including its subnet mask, then click Add.

      For DNS hostname specifications, you can use the wildcard character (*) in your entry.

      3.

    3. Add additional sources.

      4.

    4. After you have added the sources you want, click OK.

      5.

  6. Under Destination, specify Any to apply the rule to any URL, otherwise select Specified and do the following:

    1. Click Browse > Add.

      2.

    2. Enter the unqualified URL (www.novell.com, for example) and click OK.

      3.

    3. Repeat this process to add additional URLs, if necessary.

      4.

    NOTE:  You can use wildcards in the URLs. However, be aware that the HTTP proxy and the Novell IP Gateway enforce rules with wildcards differently. The HTTP proxy enforces a rule with a wildcard in the hostname of a URL, while the Novell IP Gateway does not. For example, the HTTP proxy enforces rules for http://*.novell.*, http://*novell.*, and http://www.*.com, but the Novell IP Gateway ignores these rules. The Novell IP Gateway enforces rules containing wildcards only when the wildcard represents all the links from a home page, such as http://www.novell.com/*.

    7.

  7. (Optional) If you want the server to record all access attempts that match the rule, click Enable Rule Hit Logging.

    Logging access attempts can affect server performance; however, it is recommended that you do so to detect unathorized activity.

    8.

  8. Click OK, as necessary, to return to the Novell BorderManager 3.7 Access Rules page > click OK to update the access rules.

    9.