Configuration Options > Networking > ARM
|
Displays the redirection rules in the ipnat.conf file that specify how incoming packets are readdressed when the proxy is serving traffic transparently. During installation, Content Gateway creates a small number of default rules. These rules can be added to and modified. IPv4 and IPv6 addresses are supported. During operation, Content Gateway traverses the list top down and applies the first matching rule.
|
|
Updates the table to display the most up-to-date rules in the ipnat.conf file.
|
|
Opens the configuration file editor for the ipnat.conf file.
|
|
Lists the ipnat.conf file rules. Select a rule to edit it. The buttons on the left of the box allow you to delete or move the selected rule up or down in the list.
|
|
When dns is selected, the ARM redirects DNS traffic to Content Gateway: otherwise, DNS traffic is bypassed.
|
|
IP Spoofing: Enabled/Disabled
|
Enables or disables the IP spoofing option, which configures Content Gateway to establish connections to origin servers with the client IP address instead of the Content Gateway IP address. For more information, see IP spoofing.
WARNING: IP spoofing requires precise control of the routing paths on your network, overriding the normal routing process for traffic running on TCP port 80 and 443.
|
In the Client IP Addresses field, enter a comma separated list of individual IP addresses and/or IP address ranges. Do not use spaces.
In the Spoofed IP Address field, enter the IP address to use with matching clients. This is the spoofed IP address.
To add a row to the table, click Add Row.
To remove a row from the table, delete the contents of the cells. When you click Apply the empty row(s) is removed
|
Updates the table to display the most up-to-date rules in the bypass.config file.
|
|
Opens the configuration file editor for the bypass.config file.
|
|
Lists the bypass.config file rules. Select a rule to edit it. The buttons on the left of the box allow you to delete or move the selected rule up or down in the list.
|
|
A bypass rule bypasses specified incoming requests.
A deny_dyn_bypass rule prevents the proxy from bypassing specified incoming client requests dynamically (a deny bypass rule can prevent Content Gateway from bypassing itself).
|
|
Select Enabled to enable dynamic bypass when Content Gateway encounters non-HTTP traffic on port 80.
Select Disabled to disable dynamic bypass when Content Gateway encounters non-HTTP traffic on port 80.
Select Source-Destination to enable dynamic source/destination bypass when Content Gateway encounters non-HTTP traffic on port 80.
Select Destination Only to enable dynamic destination bypass when Content Gateway encounters non-HTTP traffic on port 80.
|
|
Select Enabled to enable dynamic bypass when an origin server returns a 400 error.
Select Disabled to disable dynamic bypass when an origin server returns a 400 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 400 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 400 error.
|
|
Select Enabled to enable dynamic bypass when an origin server returns a 401 error.
Select Disabled to disable dynamic bypass when an origin server returns a 401 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 401 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 401 error.
|
|
Select Enabled to enable dynamic bypass when an origin server returns a 403 error.
Select Disabled to disable dynamic bypass when an origin server returns a 403 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 403 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 403 error.
|
|
Select Enabled to enable dynamic bypass when an origin server returns a 405 error.
Select Disabled to disable dynamic bypass when an origin server returns a 405 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 405 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 405 error.
|
|
Select Enabled to enable dynamic bypass when an origin server returns a 406 error.
Select Disabled to disable dynamic bypass when an origin server returns a 406 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 406 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 406 error.
|
|
Select Enabled to enable dynamic bypass when an origin server returns a 408 error.
Select Disabled to disable dynamic bypass when an origin server returns a 408 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 408 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 408 error.
|
|
Select Enabled to enable dynamic bypass when an origin server returns a 500 error.
Select Disabled to disable dynamic bypass when an origin server returns a 500 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 500 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 500 error.
|
Configuration Options > Networking > ARM
|