Enter a useful comment into the Comment text field and click the Add button.

Once all hosts have been added to the various authentication groups, the various filter rules (URL, content, file and time) can be configured and assigned to them.

Note - It is not possible to add host names or Windows computer names on the ident by ip page.

URL Filter

The url filter page is used to create filter rules that can: block categories of pre-defined URLs; allow or block custom lists of domains or URLs; replace URL content for categories of pre-defined URLs; and replace URL content for custom lists of URLs.

Guardian allows different URL filter settings to be configured for each filter group of users. To set the filter group that URL filter settings will apply to choose the appropriate authentication group from the Select group drop-down menu and click the Select button.

When an authentication group is selected, the URL filter settings currently assigned to it will be displayed and all subsequent configuration changes will be applied to it.

Categorised lists of URLs are available on subscription from SmoothWall Limited or your authorised SmoothWall reseller. Each blocklist contains a vast quantity of URLs known to contain undesirable content such as pornography, gambling and intolerance.

There are two special blocklist categories that work in a different way to the others:

• Ads
• Publicite

When a URL from either of these two blocklists is matched and the object is a HTML page, it will not display the usual blocked page; instead it will display a blank page with a link to the blocked page saying "Advert Blocked". If the matched URL points to an image, it will be replaced with a transparent image of equivalent size, thus removing embedded adverts from web pages.

To choose which URL blocklists are active for the currently selected filter group, select the blocklist tick-box control adjacent to each named URL category that you wish to block. Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note - Tool-tip descriptions for each of the blocklists can be viewed by hovering the mouse pointer over the blocklist name.

There are seven different ways to customise the URL filtering engine:

• Block these domains - Used to list entire domains that should be blocked. The domain should not include www or http:// at the start. It will match domains ending in the ones you list.
• Block these URLs - Used to list a "fraction" of a URL that should be blocked. The URL should not include the protocol part, or initial hostname (so do not include http://www.). The match will end when the URL in the list ends. For instance, to block the http://www.abc.com/abc URL and all sub-URLs within it, enter abc.com/abc into the text control.
• Always allow these domains - Used to allow a domain that is being incorrectly blocked by a category blocklist. Add sites which you would like to allow unfiltered access to into this text control.
• Always allow these URLs - Used to allow a URL that is being incorrectly blocked by a category blocklist. Add sites which you would like to allow unfiltered access to into this text control.
• Allow but filter these (grey) domains - If a URL category blocklist is blocking a domain which you would like to allow but still apply content, file and time filtering, add it to this list.
• Allow but filter these (grey) URLs - If a URL category blocklist is blocking a URL which you would like to allow but still apply content, file and time filtering, add it to this list.
• Regular expression blocked URLs - Enter a list of regular expressions which, if they match the URL of the page, will cause it to be blocked. For more information, see the Using regular expressions section of this help page.

To create custom rules, enter appropriate values using each of these configuration controls and click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page. For more information about the save options, see the Save and restart options section in this help file.

URL replacement is used to manipulate URL strings, typically to remove undesirable URL redirections or to enforce safe searching options.

To activate a particular built-in URL replacement rule, select its tick-box control from the URL replacement category blocking region and click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page. For more information about the save options, see the Save and restart options section in this help file.

Note - Tool-tip descriptions for each of the replacement categories can be viewed by hovering the mouse pointer over the blocklist name.

Custom URL replacement rules are regular expressions that express search and replacement patterns that are applied to URLs. For example:

• "(\/search=)foo"->"$1bar"
• "(www\.)?badsite\.tld.*"->"www.goodsite.tld"

For more information about regular expressions, see the Using regular expressions section of this help page.

To create a custom URL replacement rule, enter a regular expression replacement rule into the Custom URL replacement rules text control. Enter each replacement on its own line in the format "http://(www\.)?example.com"->"http://www.example.net". Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note 1 - Content replacement rules are case insensitive.

Note 2 - If you wish to replace the " character there is no need to escape it with a backslash (\). The replacement field does not need special characters escaping.

Using advanced URL filtering


Guardian offers three additional controls that provide advanced URL filtering capabilities:

• Deep URL analysis - This technique examines the URLs embedded within the page and filters them too. This is particularly useful for image search websites and other redirecting / proxy sites that try to hide real addresses to bypass URL filtering.
• IP-only blocking - This technique disables web sites whose addresses are only IP addresses, for example "http://1.2.3.4/test/" would be blocked. A number of sites containing objectionable material use IP addresses in this way.
• Block all non-allowed URLs - This control changes the URL content filtering mode of operation to "Whitelist" (or "Greenlist") mode. In this mode, all websites will be blocked unless specifically allowed in the Always allow these domains, Always allow these URLs, Allow but filter these (grey) domains or Allow but filter these (grey) URLs lists.

To enable any of these advanced URL filtering mechanisms, select the appropriate tick-box controls in the Advanced URL filter settings region.

Important notes

URLs should be entered without any special encoding. For example, rather than enter "test.com/test%20images" enter "test.com/test images". This is because the URL filter decodes all URLs from their raw format and compares against the literal entries in the various URL custom filtering lists

Using regular expressions


Regular expressions are a very powerful standard method of wildcard matching. A basic introduction to regular expression structure is provided here. A regular expression is a text pattern consisting of a combination of alphanumeric characters and special characters known as metacharacters. Metacharacters are very similar to wildcards. The pattern is used to match strings of characters such as in a URL. The result of a match is either successful or not - however, a successful match does not necessarily entail that all of the pattern is matched. An alphanumeric character is either a letter from the alphabet or a number. The following examples have been prepared to explain the basic concepts:

• (aaa|bbb) - Matches a URL containing the character sequence 'aaa' or 'bbb'. The vertical line means 'or'. Parentheses are used to 'group' on expression as a single entity.
• (\/aaa\/$) - Matches a URL ending in '/aaa/'. The '$' means end of line. The '\/' means '/' because '/' is a special character and '\' is a modifier.
• (aaa.com\/bbb) - Would block 'www.aaa.com/bbb/' and 'aaa.com/bbb/'. You must not add the 'http://' bit.
• (porn(ography)*) - Matches 'porn' and 'pornography' and 'pornographyography' etc. The '*' means zero or more of the last entity.
• ((eg|le)gs) - Matches either 'eggs' or 'legs'.
• ((ab)+) - Matches 'ab', 'abab', 'ababab' etc. The '+' means one or more of the last entity.
• ([0-9]+porn) - Matches '0porn', '46porn', '257porn' etc. The '[]' are a range of characters.
• (apple(s)?) - Matches 'apple' and 'apples' but not 'appless'. The '?' means zero or one of the last character. In this case the '()' are only for clarity.
• (c..p) - Matches 'carp', 'czzp', 'crop', etc. The '.' means any non-space character.

Additional information regarding regular expressions can be found by searching for "Regular Expressions" on an Internet search engine.

Save and restart options


The following save and restart options are available from the web proxy page:

• Save - A save operation records configuration changes but does not apply them. This can be useful when making a series of configuration changes to Guardian, so that repeated interruption to end-users from unnecessary restarts can be avoided.
• Save and Soft Restart - Completes a save operation followed by a soft restart of the Guardian sub-system. A soft restart operation causes Guardian to re-read all filter rules without interrupting end-user browsing or file downloads. A soft restart normally completes in a few seconds. Soft restarts are useful when changes have been made to the filter rules only. If changes have been saved to other areas of Guardian (I.e. not filter rule changes), a soft restart will not be possible.
• Save and Restart - Completes a save operation followed by a full restart of the Guardian sub-system. A restart will apply all unapplied configuration changes. A restart takes a short while to complete (up to a minute), during which time end-user browsing will be suspended and any currently active downloads will fail. It is a good idea to only initiate restarts when it is convenient for the proxy end-users.
• Save and Restart with cleared cache - Completes a save and restart operation, followed by a clear cache operation. This is used to empty the proxy cache of all data, especially if cache performance has been degraded by the storage of stale information - typically from failed web-browsing or poorly constructed web sites.

Note 1 - If the Save button has been clicked, a Soft Restart Proxy note will be displayed at the top of all Guardian configuration pages, to remind the user that the changes will not be applied until a soft restart operation has been completed. Click the Soft Restart button to initiate a soft restart of the Guardian sub-system.

Note 2 - If a restart operation is already required as a result of configuration changes made to the Guardian | web proxy or Guardian | customise pages, the Save and Soft Restart button will be replaced by the Save and Restart button. Also, the Soft Restart Proxy note will be replaced by the Restart Proxy note.

Content Filter

The content filter page is used to create filter rules that can dynamically block pages based on their content, including: phrase category blocking; custom phrase filtering; PICS (Platform for Internet Content Selection) settings; content replacement category blocking; and custom content replacement rules.

Introduction to content filtering


Phrase filtering is one of Guardian's two true content filtering features. It checks the actual content of the web pages for key phrases. There are two methods of phrase blocking:

• Banned phrases - Banned phrases, if found within a page, cause that page to be blocked.
• Weighted phrases - Weighted phrases have a value, either positive or negative. Each weighted phrase found in a page will be added up and the total calculated. If the total calculated is over a customisable limit, the page is blocked. The weighted phrase method is powerful in that it can have a list of "good" words that will prevent over blocking and a list of "bad" words which can be assigned a strength value. The word drug is not enough to block a page, but it can certainly push it slightly towards being blocked.

Phrase content filtering is very powerful and will block most bad sites, however, should any sites get through, they can be added to the Block these additional domains list on the Guardian | url filter page. Some sites will get through the phrase filtering because they only contain images and don't have any keywords to trip the blocking.

At the top of the page is the Phrase Category blocking which will show a number of lists. They can be upgraded by importing new lists on the blocklists page. Category lists are available on subscription from SmoothWall Limited. They are called category lists because each blocklist set has individual lists for different categories, such as adult content, pornography, sites containing information about drugs, gambling, etc. The goodphrases category is an important category to almost always tick; it contains phrases that are typically found on "cleaner" web pages. These phrases are assigned negative values and will help reduce over-blocking.

Applying content filtering to a group of users


Guardian allows different content filter settings to be configured for each filter group of users. To set the filter group that content filter settings will apply to choose the appropriate authentication group from the Select group drop-down menu and click the Select button.

When an authentication group is selected, the content filter settings currently assigned to it will be displayed and all subsequent configuration changes will be applied to it.

Enabling phrase filtering


Phrase filtering can be enabled individually for each authentication group using the Phrase filtering region. Choose the appropriate authentication group using the Select group drop-down menu, click the adjacent Select button and tick the Enable phrase-based filtering tick-box in the Phrase filtering region. Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Using phrase category blocking


The list of different phrase categories are displayed in the Phrase category blocking region. These categories are derived from the blocklists and are updated when a blocklist update is downloaded and installed.

To select the phrase filtering categories used for the currently selected authentication group of users, select the tick-box adjacent to each required category. Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note 1 - Don't forget to use the goodphrases category to reduce over-blocking. For further information, see the Introduction to content filtering section in this help page.

Note 2 - Tool-tip descriptions for each of the phrase categories can be viewed by hovering the mouse pointer over the category name.

Creating custom phrase filtering rules


The phrase analysis engine can be customised using the Custom phrase filtering rules region. There are five different controls that can be used to create phrase filtering customisations:

• Block pages containing these phrases - This is a list of all the additional phrases you would like to block pages that contain them. The format is (some phrase). You can have combination phrases as well, for example ( sex ),( nudity ),(violence),( young). Some phrases alone are not enough to warrant a page blocking, but when a combination of certain words is found it might be worth blocking.
• Ignore these phrases from the built-in phrase list - This is a list of all phrases you would like to remove from a built-in banned phrase list. For example, you might want to block pornography phrases, but a certain phrase is causing over blocking. The format is the same as Block pages containing these phrases.
• Do not block pages containing the following phrases - This is a list of all phrases you would like pages that contain them to be allowed. For example, your organisation might do a lot of research on a particular subject and some pages get blocked. What you would do is add a phrase commonly found in that subject. Be careful not to include phrases that are too common or you will find a lot of pages getting through the filter when they should not be. The format is the same is Block pages containing these phrases.
• Include these weighted phrases - This is a list of all the additional weighted phrases you would like include in the page scoring mechanism. The format is (some phrase)(whole number). You can have combination phrases as well, for example ( sex ),( nudity ),(violence),( young)(40). The phrase or combination can have either a positive or negative value. Positive is bad, negative is good. Weighted phrases is a more subtle way of handling banned and exception phrases.
• Ignore these phrases from the built-in weighted phrase list - This is a list of all phrases you would like to remove from the built-in weighted phrase list. For example, you might want to block pornography phrases, but a certain phrase is causing over blocking. The format is the same is Block pages containing these phrases.
• Weighted phrase trip limit - Is the score value that a page must get before it is blocked due to weighted phrases. It has three presets, but you can specify your own by choosing specified limit and entering a number greater than zero in Weighted phrase limit. Note that, as per all the other setting different groups can have their own trip limit. This can be useful if you have different age ranges of users.

Administrators can also define a completely customised weighted phrase limit. Thresholds less than 20 are likely to make web surfing difficult due to too over-blocking. Numbers above 250 are likely to allow many sites containing objectionable material through.

After entering custom phrase filter rules, click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note - Use spaces in custom phrases to your advantage. If you enter the phrase (sex) it will match any word where 'sex' is part of it. For example 'Middlesex' (an area in London, UK). What you should often use instead is a word with spaces around it, for example ( sex ), which would only match the word 'sex' by itself. Clearly you would not block that word as it has many legitimate uses. The use of spaces will reduce problems with over-blocking. Don't forget that phrases can consist of multiple words such as (an obscenity )

Additional information about custom weighted phrases


A weighted phrase rule consists of a phrase followed its score, in the following format:

• (phrase)(20)

The above example increases the objectionable total score by 20 points for every occurrence of the word "phrase" in a web page. An example of a good phrase rule might be:

• (hardcore fan)(-20)

Such good phrases are useful because they may counter the negative connotations of the word "hardcore" appearing on a web page. The above example decreases the objectionable total by 20 points.

Using PICS filtering


PICS (Platform for Internet Content Selection) is a voluntary standard for the self-labelling of website or web page content. For ease of use, the 70 official PICS rating categories have been combined into 12 groups by Guardian. Each category can have one of four objective settings:

• None - Only allow pages with no content of this category type.
• Some or mild - Only allow pages with some content of this category type.
• Lots - Allow pages with a high content of this category type.
• No filtering - Do not filter pages containing this category type.

Objective settings can be set globally (across all categories) or individually for each category. Since PICS is a self-labelling standard, interpretations can differ between web sites. The websites of reputable companies and organisations often overrate their site to be responsible, so it may be to be necessary to increase PICS tolerance in some circumstances.

Select appropriate values using each of these configuration controls and click the appropriate Save, Save and Restart or Save and Restart with cleared cache button at the bottom of the page. For more information about the save options, see the Save and restart options section in this help file.

Note - Websites without PICS ratings are not checked using PICS filtering.

Content replacement category blocking


Content replacement category blocking rules are used to manipulate the content of web pages, typically to remove undesirable features such as popup windows and maliciously embedded code.

To choose which content replacement categories are active for the currently selected filter group, select the tick-box control adjacent to each named replacement category that you wish to enable. Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note - Tool-tip descriptions for each of the blocklists can be viewed by hovering the mouse pointer over the blocklist name.

Creating custom content replacement rules


Custom content replacement rules can be expressed as a regular expressions that defines a particular search and replacement pattern. The rule can then be applied to the content of a web page.

This can be used for basic tasks such as censoring certain words or phrases, or more complex tasks such as removing JavaScript and HTML tags. The creation of a custom rule requires a good knowledge of regular expressions. For more information about regular expressions, see the Using regular expressions section on this help page.

The format of a content replacement rule is as follows:

• "regular expression here"->"replacement for regular expression here"

The following examples demonstrate the use of custom content replacement rules:

• "before"->"after" - Replaces one work with another.
• "phrase1|phrase2|phrase3"->"newphrase" - Replaces any of the listed words with another.
• "<script language.*open\(.*script>"->"<!-- JavaScript removed -->" - Removes JavaScript elements from HTML
• "<b>"->"<strong>" - Converts the HTML <b> tag to the HTML <strong> tag.
• "</b>"->"</strong>" - Converts the HTML </b> tag to the HTML </strong> tag.
• "<(/?)b>"->"<$/strong>" - Converts the <b> and </b> tags to <strong> and </strong> using a single rule.
• "<blink>|</blink>"->"" - Removes the often-hated <blink> HTML tag.
• "jscript.encode">"->"jscript.disabled" - Removes potentially malicious encoded JavaScript.
• "(bananas are )bad( for you)"->"$1good$2" - Replaces the word 'bad' to 'good' in the sentence. $1 and $2 represent the matches in brackets ().

After entering custom phrase filter rules, click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note - Regular expressions are matched on a case insensitive basis. There are no special requirements to escape double-quote characters (").

Using regular expressions


Regular expressions are a very powerful standard method of wildcard matching. A basic introduction to regular expression structure is provided here. A regular expression is a text pattern consisting of a combination of alphanumeric characters and special characters known as metacharacters. Metacharacters are very similar to wildcards. The pattern is used to match strings of characters such as in a URL. The result of a match is either successful or not - however, a successful match does not necessarily entail that all of the pattern is matched. An alphanumeric character is either a letter from the alphabet or a number. The following examples have been prepared to explain the basic concepts:

• (aaa|bbb) - Matches a URL containing the character sequence 'aaa' or 'bbb'. The vertical line means 'or'. Parentheses are used to 'group' on expression as a single entity.
• (\/aaa\/$) - Matches a URL ending in '/aaa/'. The '$' means end of line. The '\/' means '/' because '/' is a special character and '\' is a modifier.
• (aaa.com\/bbb) - Would block 'www.aaa.com/bbb/' and 'aaa.com/bbb/'. You must not add the 'http://' bit.
• (porn(ography)*) - Matches 'porn' and 'pornography' and 'pornographyography' etc. The '*' means zero or more of the last entity.
• ((eg|le)gs) - Matches either 'eggs' or 'legs'.
• ((ab)+) - Matches 'ab', 'abab', 'ababab' etc. The '+' means one or more of the last entity.
• ([0-9]+porn) - Matches '0porn', '46porn', '257porn' etc. The '[]' are a range of characters.
• (apple(s)?) - Matches 'apple' and 'apples' but not 'appless'. The '?' means zero or one of the last character. In this case the '()' are only for clarity.
• (c..p) - Matches 'carp', 'czzp', 'crop', etc. The '.' means any non-space character.

Additional information regarding regular expressions can be found by searching for "Regular Expressions" on an Internet search engine.

Save and restart options


The following save and restart options are available from the web proxy page:

• Save - A save operation records configuration changes but does not apply them. This can be useful when making a series of configuration changes to Guardian, so that repeated interruption to end-users from unnecessary restarts can be avoided.
• Save and Soft Restart - Completes a save operation followed by a soft restart of the Guardian sub-system. A soft restart operation causes Guardian to re-read all filter rules without interrupting end-user browsing or file downloads. A soft restart normally completes in a few seconds. Soft restarts are useful when changes have been made to the filter rules only. If changes have been saved to other areas of Guardian (I.e. not filter rule changes), a soft restart will not be possible.
• Save and Restart - Completes a save operation followed by a full restart of the Guardian sub-system. A restart will apply all unapplied configuration changes. A restart takes a short while to complete (up to a minute), during which time end-user browsing will be suspended and any currently active downloads will fail. It is a good idea to only initiate restarts when it is convenient for the proxy end-users.
• Save and Restart with cleared cache - Completes a save and restart operation, followed by a clear cache operation. This is used to empty the proxy cache of all data, especially if cache performance has been degraded by the storage of stale information - typically from failed web-browsing or poorly constructed web sites.

Note 1 - If the Save button has been clicked, a Soft Restart Proxy note will be displayed at the top of all Guardian configuration pages, to remind the user that the changes will not be applied until a soft restart operation has been completed. Click the Soft Restart button to initiate a soft restart of the Guardian sub-system.

Note 2 - If a restart operation is already required as a result of configuration changes made to the Guardian | web proxy or Guardian | customise pages, the Save and Soft Restart button will be replaced by the Save and Restart button. Also, the Soft Restart Proxy note will be replaced by the Restart Proxy note.

File Filter

The file filter page allows filter rules to be created that can block incoming file transfers according to their file extension or MIME type. This can be useful for reducing bandwidth consumption, limiting viral activity and enforcing acceptable use policies.

Applying file filtering to a group of users


Guardian allows different file filter settings to be configured for each filter group of users. To set the filter group that file filter settings will apply to choose the appropriate authentication group from the Select group drop-down menu and click the Select button.

When an authentication group is selected, the file filter settings currently assigned to it will be displayed and all subsequent configuration changes will be applied to it.

Note - file filtering is not infallible, there are ways to avoid detection such as embedding files in other types of files such as documents.

Using file extension category blocking


File extension category blocking is used to block similar types of files according to their file extension. A certain amount of AI is used to guess the file extension if the user tries to circumvent filtering, for example by downloading using a cgi script. File extension blocking is not infallible and the user can always rename the file to something else. If they do, the MIME-type blocking may catch it.

The list of blockable file extension categories are displayed in the File extension category blocking region. These categories are derived from the blocklists and are updated when a blocklist update is downloaded and installed. The following categories are available:

• archives - Includes .zip, .tar, etc.
• audio - Includes .wav, .au, .mp3, etc.
• executables - Includes .exe, .com, .dll, etc.
• macros - Includes .doc, .xls, .mdb, etc. Even seemingly harmless files such as Microsoft® Office® files contain executable code that can infect your workstations.
• video - Includes .avi, .mpg, .mov, etc.
• wasting - Includes .iso.

To select the file extension categories used for the currently selected authentication group of users, select the tick-box adjacent to each required category. Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note - Tool-tip descriptions for each of the file extension categories can be viewed by hovering the mouse pointer over the category name.

Creating custom file extension rules


To block a particular type of file, enter one file extension (such as .doc) per line into the Block these additional file extensions text control. The dot character (.) must be included. Do not block .html or image files as this will cause problems displaying web pages.

To allow a particular type of file, enter one file extension (such as .doc) per line into the Allow these additional file extensions text control. The dot character (.) must be included.

Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Using MIME type category blocking


MIME type category blocking is used to block similar types of files according to their MIME type. MIME-type blocking is not infallible as the web server may sometimes report the wrong MIME-type. If this happens, file extension blocking might catch it.

The list of blockable MIME type categories are displayed in the MIME type category blocking region. These categories are derived from the blocklists and are updated when a blocklist update is downloaded and installed. The following categories are available:

• archives - Includes zip files and similar.
• video - Includes avi files and similar.
• audio - Includes wav files and similar.
• octet - Includes any other binary file such as Word documents. These would not normally be files designed for web pages.
• inpageexe - Includes Java and Javascript and similar.

To select the MIME type categories used for the currently selected authentication group of users, select the tick-box adjacent to each required category. Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note - Tool-tip descriptions for each of the file extension categories can be viewed by hovering the mouse pointer over the category name.

Creating custom MIME type rules


To block a particular MIME type, enter one file extension (such as application/octet-stream) per line into the Block these additional MIME types text control. The format is MIME-type. You do not need to specify the whole MIME-type; you could for example just put application. Do not block text/html and so on as this will cause problems displaying web pages.

To allow a particular MIME type, enter one file extension (such as application/octet-stream) per line into the Allow these additional MIME types text control.

Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Save and restart options


The following save and restart options are available from the web proxy page:

• Save - A save operation records configuration changes but does not apply them. This can be useful when making a series of configuration changes to Guardian, so that repeated interruption to end-users from unnecessary restarts can be avoided.
• Save and Soft Restart - Completes a save operation followed by a soft restart of the Guardian sub-system. A soft restart operation causes Guardian to re-read all filter rules without interrupting end-user browsing or file downloads. A soft restart normally completes in a few seconds. Soft restarts are useful when changes have been made to the filter rules only. If changes have been saved to other areas of Guardian (I.e. not filter rule changes), a soft restart will not be possible.
• Save and Restart - Completes a save operation followed by a full restart of the Guardian sub-system. A restart will apply all unapplied configuration changes. A restart takes a short while to complete (up to a minute), during which time end-user browsing will be suspended and any currently active downloads will fail. It is a good idea to only initiate restarts when it is convenient for the proxy end-users.
• Save and Restart with cleared cache - Completes a save and restart operation, followed by a clear cache operation. This is used to empty the proxy cache of all data, especially if cache performance has been degraded by the storage of stale information - typically from failed web-browsing or poorly constructed web sites.

Note 1 - If the Save button has been clicked, a Soft Restart Proxy note will be displayed at the top of all Guardian configuration pages, to remind the user that the changes will not be applied until a soft restart operation has been completed. Click the Soft Restart button to initiate a soft restart of the Guardian sub-system.

Note 2 - If a restart operation is already required as a result of configuration changes made to the Guardian | web proxy or Guardian | customise pages, the Save and Soft Restart button will be replaced by the Save and Restart button. Also, the Soft Restart Proxy note will be replaced by the Restart Proxy note.

Time Filter

The time filter page allows filter rules to be created that allow or filter URLs according to the time of day or day of week.

Introduction to time filter rules


Guardian allows different filter settings to be applied according to the time of day and day of week. An example use of this facility is to provide recreational access to particular websites (news, sport and email) during lunchtimes and evenings.

Time based filter settings are configured using two types of domain lists:

• Grey lists - Domains that you would like to allow past the normal URL filtering controls at certain times.
• White lists - Domains that you would like to allow past ALL filtering at certain times.

Guardian allows up to four grey and four white lists to be created, providing a flexible approach to time-based filter management.

Applying time filtering to a group of users


Guardian allows different time filter settings to be configured for each filter group of users. To set the filter group that time filter settings will apply to choose the appropriate authentication group from the Select group drop-down menu and click the Select button.

When an authentication group is selected, the time filter settings currently assigned to it will be displayed and all subsequent configuration changes will be applied to it.

Creating a time-based grey list


To create a time-based grey list (domains that you would like to allow past the normal URL filtering controls), locate an unused grey list from one of the four grey lists in the Time based grey lists region. Choose an active time range using the Active from and to drop-down menus. Select the days of the week that this grey list will be active for using the Mon to Sun tick-box group of controls. Enter domains into the grey list text box control, one domain per line. For example, example.com.

Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note 1 - Domains should not include www or http:// at the start.

Note 2 - The Active from control must be less than the To time. Times cannot overlap midnight.

Creating a time-based white list


To create a time-based white list (domains that you would like to allow past ALL filtering at certain times), locate an unused white list from one of the four white lists in the Time based white lists region. Choose an active time range using the Active from and to drop-down menus. Select the days of the week that this white list will be active for using the Mon to Sun tick-box group of controls. Enter domains into the white list text box control, one domain per line. For example, example.com.

Click the appropriate Save, Save and Soft Restart, Save and Restart or Save and Restart with cleared cache button at the bottom of the page to record the configuration changes. For more information about the save options, see the Save and restart options section in this help file.

Note 1 - Domains should not include www or http:// at the start.

Note 2 - The Active from control must be less than the To time. Times cannot overlap midnight.

Save and restart options


The following save and restart options are available from the web proxy page:

• Save - A save operation records configuration changes but does not apply them. This can be useful when making a series of configuration changes to Guardian, so that repeated interruption to end-users from unnecessary restarts can be avoided.
• Save and Soft Restart - Completes a save operation followed by a soft restart of the Guardian sub-system. A soft restart operation causes Guardian to re-read all filter rules without interrupting end-user browsing or file downloads. A soft restart normally completes in a few seconds. Soft restarts are useful when changes have been made to the filter rules only. If changes have been saved to other areas of Guardian (I.e. not filter rule changes), a soft restart will not be possible.
• Save and Restart - Completes a save operation followed by a full restart of the Guardian sub-system. A restart will apply all unapplied configuration changes. A restart takes a short while to complete (up to a minute), during which time end-user browsing will be suspended and any currently active downloads will fail. It is a good idea to only initiate restarts when it is convenient for the proxy end-users.
• Save and Restart with cleared cache - Completes a save and restart operation, followed by a clear cache operation. This is used to empty the proxy cache of all data, especially if cache performance has been degraded by the storage of stale information - typically from failed web-browsing or poorly constructed web sites.

Note 1 - If the Save button has been clicked, a Soft Restart Proxy note will be displayed at the top of all Guardian configuration pages, to remind the user that the changes will not be applied until a soft restart operation has been completed. Click the Soft Restart button to initiate a soft restart of the Guardian sub-system.

Note 2 - If a restart operation is already required as a result of configuration changes made to the Guardian | web proxy or Guardian | customise pages, the Save and Soft Restart button will be replaced by the Save and Restart button. Also, the Soft Restart Proxy note will be replaced by the Restart Proxy note.

Blocklists

The blocklists page is used to download and install blocklists, in addition to viewing current version and install status information.

Introduction to blocklists


Blocklists are the mechanism by which Guardian's preset filter settings are kept up to date. Each blocklist includes updated settings that can automatically improve the effectiveness and accuracy of the Guardian filter engine.

There are six types of blocklist that are updated by SmoothWall Ltd on a regular basis:

• URLs - Lists of categorised URLs and domains known to contain objectionable material, used by the URL filter.
• URL replacement - Lists of URL replacement rules, used by the URL filter.
• Phrases - Lists of categorised phrases, used for phrase blocking by the content filter.
• Content replacement - Lists of content replacement rules, used by the content filter.
• File extensions - Lists of categorised file extension, used by the file filter.
• MIME types - Lists of MIME types, used by the file filter.
Viewing current blocklist information


The installation status and version information for each type of blocklist is displayed in the Current version table at the top of the page.

Automated download and installation of blocklists


Blocklist updated can be downloaded and installed by clicking the Download live blocklist update button.

Note - In order to download blocklists a valid blocklist subscription must be held. To obtain a blocklist subscription, please contact your authorised SmoothWall Reseller or SmoothWall Ltd directly.

Manually uploading blocklists


The manual blocklist facility is provided to allow blocklist files to be uploaded from the installation CD or a manually downloaded blocklist file if there is no Internet connection currently available. In most normal circumstances, the automated blocklist download facility should be used, and there are no reasons to use this manual update feature.

To manually upload blocklists, click the Browse button adjacent to the Built-in blocklists text field control. Use your browser's Open dialog to locate a blocklist file and click its Ok, Open or equivalent button. Click the Upload new built-in blocklists button.

Tools

The tools page is used to quickly replicate URL, content, file and time filter rule settings from one authentication group to another.

Replicating filter settings between groups


To replicate filter rule settings from one authentication group to another, choose the authentication group to copy filter rules from using the From group drop-down menu. Next, choose the authentication group to copy filter rules to using the From group drop-down menu.

To copy all filter rules (URL, content, file and time rules), select the "All settings" option from the Group section drop-down menu, or alternatively, to copy a particular group of filter rules (URL, content, file or time rules), select the appropriate option. Click the Copy settings button to complete the operation.