diff --git a/configs/fortigate/global/webfilter.cfg b/configs/fortigate/global/webfilter.cfg new file mode 100644 index 0000000..60160c2 --- /dev/null +++ b/configs/fortigate/global/webfilter.cfg @@ -0,0 +1,562 @@ +config webfilter profile + edit "g-default" + set comment "Default web filtering." + config ftgd-wf + unset options + config filters + edit 1 + set action block + next + edit 2 + set category 2 + set action block + next + edit 3 + set category 7 + set action block + next + edit 4 + set category 8 + set action block + next + edit 5 + set category 9 + set action block + next + edit 6 + set category 11 + set action block + next + edit 7 + set category 12 + set action block + next + edit 8 + set category 13 + set action block + next + edit 9 + set category 14 + set action block + next + edit 10 + set category 15 + set action block + next + edit 11 + set category 16 + set action block + next + edit 12 + set category 26 + set action block + next + edit 13 + set category 57 + set action block + next + edit 14 + set category 61 + set action block + next + edit 15 + set category 63 + set action block + next + edit 16 + set category 64 + set action block + next + edit 17 + set category 65 + set action block + next + edit 18 + set category 66 + set action block + next + edit 19 + set category 67 + set action block + next + edit 20 + set category 86 + set action block + next + edit 21 + set category 88 + set action block + next + edit 22 + set category 90 + set action block + next + edit 23 + set category 91 + set action block + next + end + end + next + edit "g-sniffer-profile" + set comment "Monitor web traffic." + config ftgd-wf + config filters + edit 1 + next + edit 2 + set category 1 + next + edit 3 + set category 2 + next + edit 4 + set category 3 + next + edit 5 + set category 4 + next + edit 6 + set category 5 + next + edit 7 + set category 6 + next + edit 8 + set category 7 + next + edit 9 + set category 8 + next + edit 10 + set category 9 + next + edit 11 + set category 11 + next + edit 12 + set category 12 + next + edit 13 + set category 13 + next + edit 14 + set category 14 + next + edit 15 + set category 15 + next + edit 16 + set category 16 + next + edit 17 + set category 17 + next + edit 18 + set category 18 + next + edit 19 + set category 19 + next + edit 20 + set category 20 + next + edit 21 + set category 23 + next + edit 22 + set category 24 + next + edit 23 + set category 25 + next + edit 24 + set category 26 + next + edit 25 + set category 28 + next + edit 26 + set category 29 + next + edit 27 + set category 30 + next + edit 28 + set category 31 + next + edit 29 + set category 33 + next + edit 30 + set category 34 + next + edit 31 + set category 35 + next + edit 32 + set category 36 + next + edit 33 + set category 37 + next + edit 34 + set category 38 + next + edit 35 + set category 39 + next + edit 36 + set category 40 + next + edit 37 + set category 41 + next + edit 38 + set category 42 + next + edit 39 + set category 43 + next + edit 40 + set category 44 + next + edit 41 + set category 46 + next + edit 42 + set category 47 + next + edit 43 + set category 48 + next + edit 44 + set category 49 + next + edit 45 + set category 50 + next + edit 46 + set category 51 + next + edit 47 + set category 52 + next + edit 48 + set category 53 + next + edit 49 + set category 54 + next + edit 50 + set category 55 + next + edit 51 + set category 56 + next + edit 52 + set category 57 + next + edit 53 + set category 58 + next + edit 54 + set category 59 + next + edit 55 + set category 61 + next + edit 56 + set category 62 + next + edit 57 + set category 63 + next + edit 58 + set category 64 + next + edit 59 + set category 65 + next + edit 60 + set category 66 + next + edit 61 + set category 67 + next + edit 62 + set category 68 + next + edit 63 + set category 69 + next + edit 64 + set category 70 + next + edit 65 + set category 71 + next + edit 66 + set category 72 + next + edit 67 + set category 75 + next + edit 68 + set category 76 + next + edit 69 + set category 77 + next + edit 70 + set category 78 + next + edit 71 + set category 79 + next + edit 72 + set category 80 + next + edit 73 + set category 81 + next + edit 74 + set category 82 + next + edit 75 + set category 83 + next + edit 76 + set category 84 + next + edit 77 + set category 85 + next + edit 78 + set category 86 + next + edit 79 + set category 87 + next + edit 80 + set category 88 + next + edit 81 + set category 89 + next + edit 82 + set category 90 + next + edit 83 + set category 91 + next + edit 84 + set category 92 + next + edit 85 + set category 93 + next + edit 86 + set category 94 + next + edit 87 + set category 95 + next + end + end + next + edit "g-wifi-default" + set comment "Default configuration for offloading WiFi traffic." + set options block-invalid-url + config ftgd-wf + unset options + config filters + edit 1 + next + edit 2 + set category 2 + set action block + next + edit 3 + set category 7 + set action block + next + edit 4 + set category 8 + set action block + next + edit 5 + set category 9 + set action block + next + edit 6 + set category 11 + set action block + next + edit 7 + set category 12 + set action block + next + edit 8 + set category 13 + set action block + next + edit 9 + set category 14 + set action block + next + edit 10 + set category 15 + set action block + next + edit 11 + set category 16 + set action block + next + edit 12 + set category 26 + set action block + next + edit 13 + set category 57 + set action block + next + edit 14 + set category 61 + set action block + next + edit 15 + set category 63 + set action block + next + edit 16 + set category 64 + set action block + next + edit 17 + set category 65 + set action block + next + edit 18 + set category 66 + set action block + next + edit 19 + set category 67 + set action block + next + edit 20 + set category 86 + set action block + next + edit 21 + set category 88 + set action block + next + edit 22 + set category 90 + set action block + next + edit 23 + set category 91 + set action block + next + end + end + next +end +config webfilter search-engine + edit "g-google" + set hostname ".*\\.google\\..*" + set url "^\\/((custom|search|images|videosearch|webhp)\\?)" + set query "q=" + set safesearch url + set safesearch-str "&safe=active" + next + edit "g-yahoo" + set hostname ".*\\.yahoo\\..*" + set url "^\\/search(\\/video|\\/images){0,1}(\\?|;)" + set query "p=" + set safesearch url + set safesearch-str "&vm=r" + next + edit "g-bing" + set hostname ".*\\.bing\\..*" + set url "^(\\/images|\\/videos)?(\\/search|\\/async|\\/asyncv2)\\?" + set query "q=" + set safesearch header + next + edit "g-yandex" + set hostname "yandex\\..*" + set url "^\\/((yand|images\\/|video\\/)(search)|search\\/)\\?" + set query "text=" + set safesearch url + set safesearch-str "&family=yes" + next + edit "g-youtube" + set hostname ".*youtube.*" + set safesearch header + next + edit "g-baidu" + set hostname ".*\\.baidu\\.com" + set url "^\\/s?\\?" + set query "wd=" + next + edit "g-baidu2" + set hostname ".*\\.baidu\\.com" + set url "^\\/(ns|q|m|i|v)\\?" + set query "word=" + next + edit "g-baidu3" + set hostname "tieba\\.baidu\\.com" + set url "^\\/f\\?" + set query "kw=" + next + edit "g-vimeo" + set hostname ".*vimeo.*" + set url "^\\/search\\?" + set query "q=" + set safesearch header + next + edit "g-yt-scan-1" + set url "www.youtube.com/user/" + set safesearch yt-scan + next + edit "g-yt-scan-2" + set url "www.youtube.com/youtubei/v1/browse" + set safesearch yt-scan + next + edit "g-yt-scan-3" + set url "www.youtube.com/youtubei/v1/player" + set safesearch yt-scan + next + edit "g-yt-scan-4" + set url "www.youtube.com/youtubei/v1/navigator" + set safesearch yt-scan + next + edit "g-yt-channel" + set url "www.youtube.com/channel" + set safesearch yt-channel + next + edit "g-yt-pattern" + set url "youtube.com/channel/" + set safesearch yt-pattern + next + edit "g-twitter" + set hostname "twitter\\.com" + set url "^\\/i\\/api\\/graphql\\/.*\\/UserByScreenName" + set query "variables=" + set safesearch translate + next + edit "g-google-translate-1" + set hostname "translate\\.google\\..*" + set url "^\\/translate" + set query "u=" + set safesearch translate + next + edit "g-google-translate-2" + set hostname ".*\\.translate\\.goog" + set url "^\\/" + set safesearch translate + next +end