profile (Web Filter)
Syntax
profile profile-name { dns-filter { database-file filename; dns-resp-ttl seconds; dns-server [ ip-address ]; hash-key key-string; hash-method hash-method-name; statistics-log-timer minutes; wildcarding-level level; } dns-filter-template template-name { client-interfaces [ client-interface-name ]; client-routing-instance client-routing-instance-name; dns-filter { database-file filename; dns-resp-ttl seconds; dns-server [ ip-address ]; hash-key key-string; hash-method hash-method-name; statistics-log-timer minutes; wildcarding-level level; } server-interfaces [ server-interface-name ]; server-routing-instance server-routing-instance-name; term term-name { from { src-ip-prefix [ source-prefix ]; } then { accept; dns-sinkhole; } } } global-dns-stats-log-timer minutes; url-filter-database filename; (url-filter-template | template) template-name { client-interfaces [ client-interface-name1 client-interface-name2 ]; disable-url-filtering; dns-resolution-interval minutes; dns-resolution-rate seconds; dns-retries number; dns-routing-instance dns-routing-instance-name; dns-server [ ip-address1 ip-address2 ip-address3 ]; dns-source-interface loopback-interface-name; dns-routing-instance dns-routing-instance-name; routing-instance routing-instance-name; server-interfaces [ server-interface-name1 server-interface-name2 ]; term term-name { from { src-ip-prefix [prefix1 prefix2]; dest-port [port1 port2]; } then { accept; custom-page custom-page; http-status-code http-status-code; redirect-url redirect-url; tcp-reset; } } url-filter-database filename }
Hierarchy Level (starting in Junos OS Release 18.3R1
[edit services web-filter]
Hierarchy Level (before Junos OS Release 18.3R1)
[edit services url-filter]
Description
Define URL filter profile or DNS filter profile.
A URL filter profile is for filtering access to disallowed URLs. A URL filter profile includes a general database setting and templates. The template settings apply to specific interfaces or to access from specific source IP address prefixes, and override the database setting at the profile level.
A DNS filter profile is used to filter DNS requests for disallowed website domains. A DNS filter profile includes general DNS filtering settings and up to 32 templates. The template settings apply to DNS requests on specific interfaces or to DNS requests from specific source IP address prefixes, and override the corresponding settings at the profile level. You can configure up to eight DNS filter profiles.
For URL filtering, use the url-filter-template
option starting in Junos OS Release 18.3R1 and use the template
option in Junos OS Releases before 18.3R1.
Options
profile-name | Name of the filter profile. |
url-filter-database filename |
Specify the filename of the URL filter database. This option is mandatory. |
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 17.2.
dns-filter
, dns-filter-templates
, global-dns-stats-log-timer
, and url-filter-template
options introduced in Junos OS Release 18.3R1.
Support added in Junos OS Release 19.3R2 for Next Gen Services on MX Series routers MX240, MX480 and MX960 with the MX-SPC3 services card.