6 Replies Latest reply on Oct 7, 2010 1:58 PM by eelsasser

    list converter error

    nsgmike

      After I load my config into the listConverter tool, I try to save it and get the following error.

       

      What does this mean?

       

      listConverter_error.JPG

        • 1. Re: list converter error

          It means there is some invalid data somewhere in the original global.conf.

          I fixed one instance of that recently. Did you just get the newer 0.6.7 version I posted the other day?

           

          Try unchecking each of the Global Settings and trying to save. If it saves, then that was the section that has bad values in it.

          My guess is it's either in the [ExtendedList] or the [TrustedCAs]

           

          You can always send me your config to Erik_Elsasser@McAfee.com and I'll take a look to see what's broken.

           

          1 of 1 people found this helpful
          • 2. Re: list converter error
            nsgmike

            What are the settings on the list converter so I can just grab my whitelist and convert it into 7?

             

            I have a ton of whitelist entries and I need to import them, I cant seem to import the whitelist for all my policies.

            • 3. Re: list converter error

              The whitelist per policy on 6 is particularly cumbersome to convert to 7. There is no easy way to "convert" everything flawlessly because of the archetecural differences between the versions. The listConverter is just that. It converts lists of values into other lists for 7.

               

              A lot of it has to do with how disciplined the whitelist is in the first place and what each entry's purpose was for.

              Some questions to ask yourself:

              Do you really want a different whitelist for each "policy" or set of people?

              Do you have the same sites listed in all policies?

              How different is the list for each policy? Are the same entries there for each one?

              What are you really bypassing? URL filtering, AV scanning, Media Type blocking?

               

              A lot of people will just start checkmarking all the filters just to get it through and be done with it.

              Some people will identify specific URLs and check just the filter for just the policy to bypass.

              Some will accidently forget to apply to all policies when they add an entry and the list will unintentionally diverge and be different for each policy.

               

              I put the Policy Report feature in to see a side-by-side comparison of the whitelist for each policy to get a better understanding of what it contains. This report is your friend.

              When you look at it, how similar are each of the lists for each policy?

              Are they so unique that you cannot converge them for all users?

               

              In general, It's an interative process. You'll need to make mutiple passes to extract multiple lists with different intents.

              You'll probably have to make a pass for just sites you want to bypass for URL filtering and import it and use it in a rule for Content Filtering.

              Then a pass to bypass AV and use it in the AV bypass rules.

              Then a pass for everything that should apply to everyone and use that for the Global Whitelists.

               

              Also keep in mind that the reason things are in the whitelist may not apply to MWG7. Sometimes there are sites that need workarounds because of some unique characteristic of the site or the files they return. A lot of those things have already been compensated for in MWG7, so they may not be needed anymore.

               

              So how bad does your policy report look? Is it really messy for the whitelists?

               

              1 of 1 people found this helpful
              • 4. Re: list converter error
                nsgmike

                Erik,

                 

                So in version 6.8.* when we whitelist a URL there are options to check off and disable what functions we want. Does the wild card expression take care of all of those functions by disabling them when we create the rule in version 7?

                 

                For example in the below policy report, is all i have to do is add the bold wildcard expression below and that will disable archive handler, httpcache, mcafee etc?

                example_whitelist.JPG

                • 5. Re: list converter error

                  The listConverter would create a single list for every checkmark multiplied by every policy.

                   

                  So in your example you'll have a lists for:

                   

                  Whitelist.ArchiveHandler.PolicyName:

                  *download.windowsupdate.com/*.cab*

                  *microsoft.com/*.cab*

                  *microsoft.com/*.exe*

                  *microsoft.com/*.iso*

                  *download.oracle.com*

                   

                  Whitelist.McAfee.PolicyName:

                  *microsoft.com/*.exe*

                  *microsoft.com/*.iso*

                  *download.oracle.com*

                  *phones.verizonwireless.com*

                   

                  Whitelist.HTTPCache.PolicyName:

                  *microsoft.com/*.iso*

                  *boston.com*

                   

                   

                  So in each of those instances, you would insert the imported list into the rules where they would have the desired effect.

                   

                  So for the HTTPCache, you'd put it in a webcache rule:

                  Rule Criteria:
                  URL matches in list Whitelist.HTTPCache.PolicyName

                  Action:

                  Stop Rule Set

                   

                  For the McAfee/AV bypass, you'd enter it in the Antimalware section:

                  Rule Criteria:
                  URL matches in list Whitelist.McAfee.PolicName

                  Action:
                  Stop Rule Set

                   

                  etc.

                  1 of 1 people found this helpful
                  • 6. Re: list converter error
                    nsgmike

                    Ok. I'm starting to get it. Thanks. What rule would Archive Handling fall under? That seems to be one of my most checked off categories.

                     

                    Also, I have boston.com bypassing caching and it displays differently for IE 6 browsers than it does for IE 7 browsers, IE 6 does not show the correct page while IE7 does.