Exception webBloker not match

SistemasNotariaSistemasNotaria
in Firebox - Other

Hi, I have a T55,

I have been managing it for years, the first time I see this, I tell you the case:

Before, google recaptcha was on a single URL, and people who have a firewall police shouldn't navigate to anything. So google.com is blocked by webBloker category "Search Engines and Portals". But now recatpcha is in www.google.com/recatpcha/api.js* by using regular expression ^[0-9a-zA-Z_-.]{1,256}.google.com/recatpcha/(.* ) so that it doesn't let them search on google.com but if it should let them see recatpcha, but it doesn't work any ideas?

2022-02-25 11:35:02 Deny 192.168.0.111 216.239.32.20 https/tcp 53235 443 USER-LAN ETB-FIBRA ProxyDrop: HTTPS Request categories (HTTPS-proxy.MNATURAL-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0001" proxy_act="HTTPS-Client.MNATURAL" cats="Search Engines and Portals" action="WB.MNATURAL" geo_dst="USA" src_user="natural03@AD-NOTARIA62.COM" dstname="www.google.com"



Comments

  • Bruce_BriggsBruce_Briggs

    Is this a WB Exception Allow entry that you are trying to implement?

    There are regex testing sites online which may show if your RegEx should work or not.
    Here is one:
    https://regex101.com/

  • SistemasNotariaSistemasNotaria

    Hi, bruce thanks for your time.

    I am test this, and work in regex101 but not in webBloker exceptions.

    www.google.com\/recaptcha\/.+[0-9]+(.+)?

    URL: Exactly: https://www.google.com/recaptcha/api.js?onload=widget_captchaAntecedentes_initCallback&render=explicit&hl=es&_=1631285904795

    Logs:
    TPS-Client.MNATURAL" cats="Search Engines and Portals" action="WB.MNATURAL" geo_dst="USA" src_user="natural03@AD-NOTARIA62.COM" dstname="www.google.com"
    2022-02-25 13:00:49 Deny 192.168.0.111 216.239.32.20 https/tcp 53625 443 USER-LAN ETB-FIBRA ProxyDrop: HTTPS Request categories (HTTPS-proxy.MNATURAL-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0001" proxy_act="HTTPS-Client.MNATURAL" cats="Search Engines and Portals" action="WB.MNATURAL" geo_dst="USA" src_user="natural03@AD-NOTARIA62.COM" dstname="www.google.com"
    2022-02-25 13:00:49 Deny 192.168.0.111 216.239.32.20 https/tcp 53626 443 USER-LAN ETB-FIBRA ProxyDrop: HTTPS Request categories (HTTPS-proxy.MNATURAL-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0001" proxy_act="HTTPS-Client.MNATURAL" cats="Search Engines and Portals" action="WB.MNATURAL" geo_dst="USA" src_user="natural03@AD-NOTARIA62.COM"
    "
    2022-02-25 13:00:49 Deny 192.168.0.111 216.239.32.20 https/tcp 53627 443 USER-LAN ETB-FIBRA ProxyDrop: HTTPS Request categories (HTTPS-proxy.MNATURAL-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0001" proxy_act="HTTPS-Client.


  • Bruce_BriggsBruce_Briggs

    Also, are you doing Inspect on your HTTPS proxy action?
    The firewall can’t see the URL if not, and thus will not match your regex

  • SistemasNotariaSistemasNotaria

    Yes inspect.

  • Bruce_BriggsBruce_Briggs
    1. www.google.com\/recaptcha\/.+[0-9]+(.+)? is not a domain name, it is a URL sort of
      www.google.com is a domain name
    2. Allow is NOT Inspect
  • SistemasNotariaSistemasNotaria

    Hi, thanks for you help. solicionado..

Sign In to comment.