Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
574 Views 2 Replies Latest reply: Jan 31, 2013 1:42 AM by mgarten RSS
mgarten Newcomer 18 posts since
Nov 23, 2011
Currently Being Moderated

Jan 16, 2013 3:58 AM

Usage of via string from Header

Dear All,

 

since long time we are using the via string from the header within a rule to make a  decision within a rule.

It was implemented with version 7.1.6

 

Now we started to use 7.3.0.2.0.

And now we can't use more the via string.

 

Here an example how we have implemented it in a rule:

Header.Request.Get("via") matches *111.111.111.111*

 

Also if we try to show the via string in a block message now the value is empty.

 

Does somebody have a solution for this?

 

Thanks

 

mgarten

  • eelsasser McAfee SME 842 posts since
    Mar 24, 2010
    Currently Being Moderated
    1. Jan 16, 2013 9:06 AM (in response to mgarten)
    Re: Usage of via string from Header

    I do not see that behaviour on my 7.3.0.2.

    I have a rule that blocks on this criteria:

      Header.Request.Get ("Via") matches *192.168.2.232*

     

    And when i forward from another proxy with that IP address, it blocks as it should.

     

    This rule is at the top in only the request cycle, then i have another rule below that in the request/response cycle that removes the Via header as it goes out to the internet.

     

    i don't know why it wouldn't work for you.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points