Hi
Tried it in my lab. Several problems here. If you want to block everything by default, do
set security utm feature-profile web-filtering juniper-local profile jun-local default block
The pattern http://*.mail.ru does not actually block mail.ru, only something.mail.ru. So use
    White_Test {
        value [ http://*.mail.ru http://mail.ru http://*.google.ru http://google.ru ];
    }
(Google seems to use HTTPS by default, so it will not work for it now.)
The sequence of URL checking is as follows:
blacklist -> whitelist -> default action
so you do not want to have * in the blacklist. However, "*" and "http://*" will not work anyway. "*" can only appear before "." in the URL pattern. So, for example, "http://*.org" works.
My UTM config that works:
lab@J-test# show security utm
custom-objects {
    url-pattern {
        Black_Test {
            value [ http://*.org ];
        }
        White_Test {
            value [ http://*.mail.ru http://mail.ru http://*.google.ru http://google.ru ];
        }
    }
    custom-url-category {
        blocked-sites {
            value Black_Test;
        }
        allowed-sites {
            value White_Test;
        }
    }
}
feature-profile {
    web-filtering {
        url-whitelist allowed-sites;
        url-blacklist blocked-sites;
        type juniper-local;
        juniper-local {
            profile jun-local {
                default block;
                custom-block-message ***DENY***;
                fallback-settings {
                    default block;
                    timeout block;
                    too-many-requests block;
                }
                timeout 1800;
            }
        }
    }
}
utm-policy web-filter {
    web-filtering {
        http-profile jun-local;
    }
}
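
Added example, not part of the original post and not Junos code: a small Python model of the behaviour the post describes (blacklist -> whitelist -> default, "*" accepted only before ".", and "http://*.mail.ru" not covering bare mail.ru), useful for checking a pattern list before committing it. The function names are hypothetical, the lists are copied from the config above, and the model covers plain http:// URLs only.

```python
from urllib.parse import urlsplit

# Pattern lists copied from the working config in the post.
BLACKLIST = ["http://*.org"]
WHITELIST = ["http://*.mail.ru", "http://mail.ru",
             "http://*.google.ru", "http://google.ru"]
DEFAULT_ACTION = "block"  # 'default block' in the jun-local profile


def pattern_is_valid(pattern):
    """'*' is accepted only directly before '.', so '*' and 'http://*' fail."""
    return all(pattern[i + 1:i + 2] == "."
               for i, ch in enumerate(pattern) if ch == "*")


def host_matches(pattern, host):
    """Match one http:// pattern against a lower-cased host name."""
    if not pattern.startswith("http://"):
        return False  # assumption of this model: only http:// patterns are used
    pat_host = pattern[len("http://"):].lower()
    if pat_host.startswith("*."):
        # '*.mail.ru' needs a label in front, so bare 'mail.ru' does not match.
        suffix = pat_host[1:]
        return host.endswith(suffix) and len(host) > len(suffix)
    return host == pat_host


def decide(url, blacklist=BLACKLIST, whitelist=WHITELIST, default=DEFAULT_ACTION):
    """Return (action, matched_pattern) in blacklist -> whitelist -> default order."""
    parts = urlsplit(url)
    if parts.scheme != "http" or not parts.hostname:
        raise ValueError("this model covers plain http:// URLs only")
    for action, patterns in (("block", blacklist), ("permit", whitelist)):
        for pattern in patterns:
            if pattern_is_valid(pattern) and host_matches(pattern, parts.hostname):
                return action, pattern
    return default, "default"


if __name__ == "__main__":
    for sample in ("http://mail.ru/", "http://e.mail.ru/inbox",
                   "http://example.org/", "http://example.com/"):
        print(sample, decide(sample))
```

Passing `whitelist=["http://*.mail.ru"]` to `decide("http://mail.ru/")` shows the gap the post points out: the bare domain falls through to the default block.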