Re: ISAPI - Knowing if rule accepted or deny the request on POLICY_CHECK_COMPLETED
- From: "Jim Harrison \(ISA SE\)" <jmharr@xxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 13 Feb 2008 11:54:36 -0800
Almost, but not quite completely incorrect.
An allow rule can deny if it is the last applicable rule for this traffic
and the rule "allow" requirements are not met.
For instance, if "the last applicable" allow rule requires authentication
and this is not satisfied, then this "allow" rule will deny the traffic.
The same is true if the request matches any item in any of the exceptions
defined for that rule, such as a source or destination.
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"Phillip Windell" <philwindell@xxxxxxxxxxx> wrote in message
news:uwmQ8jZbIHA.5900@xxxxxxxxxxxxxxxxxxxxxxx
An Allow based Rule cannot "deny",...it can either allow or ignore. If it
ignores, then the next rule on the list is tested.
A Deny based Rule cannot "allow",...it can either deny or ignore. If it
ignores, then the next rule on the list is tested.
The Monitoring Log will show which Rule was used during the action except
for certain situations.
I know of no way to programmatically do any of this. Someone else will have
to answer that.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
"gbraux" <gbraux@xxxxxxxxxxx> wrote in message
news:ff568e61-5bbe-47a8-b6d5-e2e5f0e7f1ef@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,
Here is what is said about the SF_NOTIFY_POLICY_CHECK_COMPLETED event
in MSDN:
A notification specific to ISA Server 2006 and ISA Server 2004. Sent
after the ISA Server policy check has been completed, and the request
has either been allowed or denied. After this notification has been
received, the Web filter can request the GUID of the policy rule that
either allowed or denied the request. The filter can also request
additional data from the client (SF_STATUS_REQ_READ_NEXT), although
the read operation will fail if all of the data has already been
received.
On this event, I'd like to know if a firewall rule has accepted or
denied the request ... But there is no specific structure coming
with this event where I could find this information.
I think the GUID (obtained using server variables at this step) can
only help me to obtain an AccessRule object (from FPC COM) ... But how
to know if this rule ALLOWED or DENIED the actual request ???!!!
Thanks,
Guillaume