-1

I am have two networks with a Dlink DFL-260E firewall between them. Both networks use windows file sharing to transfer files. I need to restrict the file transfer so as to allow .xls and .xlsx files. How can the firewall be configured for this?

dunxd
  • 9,482
  • 21
  • 80
  • 117
Vicky
  • 171
  • 1
  • 11
  • Have you checked the manual for any instructions about content inspection? That is the only way that any firewall is going to be able to determine any filetypes, and it may be that your firewall doesn't support this, or it does and the manual says how to use it. – dunxd Dec 14 '12 at 15:37

3 Answers3

1

As mentioned, firewalls don't really look at the content of the connection, only the connection details like IP address and port. It sounds like you are talking about IPS (Intrusion prevention). IPS looks at traffic (as long as its not encrypted) and you can block based on patters like regex.

mike
  • 11
  • 1
0

A (packet-filtering) firewall is the wrong solution here. They have no knowledge (or at best very LIMITED knowledge) of what's actually being transferred.

From a broader perspective, it is impractical to examine all data going over the network and strip out everything that is "not an .xls or .xlsx file" -- I'm afraid that what you're asking for can't be done, or at least not in any practical real-world application...

voretaq7
  • 79,345
  • 17
  • 128
  • 213
0

You can't really do this at the firewall level. I'd suggest instead you use an IIS Server and WebDav with filtering.

That will let you filter by file extension. To do more, you will probably have to extend IIS with an ISAPI Filter. You can probably inspect the file for Magic numbers or xml schema to do a better check then the extension.

Community
  • 1
Justin Dearing
  • 1,017
  • 10
  • 33