Trace Request

Trace Request

Trace Request

The 'Trace Request' window is best used for diagnostics and troubleshooting of the entire policy processing framework. It returns both category information and verdict information on a per client, per IP, per group and/or per policy basis.

When Lenovo NetFilter denies the client browser, the browser will follow the 302 Redirect to the deny page content. This request is also intercepted and processed by Lenovo NetFilter.

In the input section of the window enter the URL you wish to test. You can filter by Client Name, Client IP Address, Group Name, and Policy Name. You can also test lists that lookup entries by ‘Request Part’ which includes Destination IP (e.g. GeoIP list), User Agent, Referrer, Client Module Name, and Event Type. An autocomplete option can be used for the Destination IP Address field.

A screenshot of a computer Description automatically generated

About Verifying Filtering

There are two tools that are helpful in verifying categorization and filtering. They are the Tools > Trace Request window and the Logs > Request Logs page. Once you have implemented your Policy settings, you can use these tools to verify filtering and categorization.

Understanding Trace Request Output

When you enter information in the window and click the Send Request button, the output displays three columns. Additional rows will also display for denied requests to indicate what deny pages are delivered and allowed.

·       Step: The list or the other processing step that affected the request. i.e. the Master List, CNS, Category Custom Mapping, etc.

·       List URL / Keyword: The entry that was matched in the processing step. i.e. http://*.youtube.com/* could be the list entry that would match requests for YouTube.

·       Result: This displays the Category and Decision for the requested URL. For denied decisions, a ‘Replace URL’ displays the link to the associated deny page.

Trace Request Denied Request Example

Below is a Trace Request for the URL sex.com.

Graphical user interface, text, application, email Description automatically generated

Step

Description

Step 1: Protocol CNS List:

Category: The Trace Request looked for the protocol in the CNS Category List and determined that it was an http request and assigned the Category of ‘Hypertext Transfer’. The Protocol List, by default, has two protocol entries: http and https. If it is determined that it is https, it will be categorized as Hypertext Transfer Secure.

System Lists Lookup

The System-Wide, Shared and Categorization Lists can also display in the Trace Request window along with the List item. See below.

Master List Lookup

Category: It was determined that the request was categorized as ‘Pornography’.

Policy Categories Check

Decision: It is the decision that the determined Category is denied. Please note that if the request belongs to multiple Categories and one of these Categories is denied, the request will be denied.

Response URL Test

Category: Host is an IP

Replace URL: It is determined that a replacement URL with a Deny Page will be served.

Filter Bypass List Lookup

Filter Bypass List is used to allow the deny page that is to be served and bypass the Policy Server’s filtering decision.

Allow Request Example

In this example, the request for google is allowed and no deny page is served.

Graphical user interface Description automatically generated

However, if google is denied by a System List, that information will display in the Results section.

Graphical user interface, text, application Description automatically generated

System Lists Lookup

The System-Wide, Shared and Categorization Lists display in the Trace Request window along with the List item. In this example, a site Categorized as 'Pornography' has been blocked by a 'System List'.

Graphical user interface, application Description automatically generated

List Name Displayed in Trace Request

The System, Shared and Categorization Lists will display in the Trace Request window along with the List item.

Graphical user interface, text, application Description automatically generated

FTP Request

In this example, the FTP Protocol Category is not being blocked, the Processing Step is Protocol List and the Category assigned is File Transfer.

The ‘Policy Categories Check’ processing step determines that the ‘File Transfer’ Category is Allowed.

Graphical user interface, application Description automatically generated

Category Custom Mapping

A 'Category Custom Mapping' Step will display when the Policy Server has mapped the Category.

Show All Steps

'Show All Steps' checkbox option displays all policy processing steps for a request until processing stops. It will show all steps even if there is no data.

Graphical user interface, table Description automatically generated

 


    • Related Articles

    • Request Logs

      Request Logs The 'Request Logs' window catches the traffic on each policy server, by polling the request logs every second. The viewer displays up to 50 logs per server with the display limit set by the 'Logs Per Page' option in WebAdmin Settings. ...
    • List

      Lists Window The ‘List’ window is the main window for managing Lists. It is found under the Policies menu.  Use the 'Lists' window to create, manage and assign Lists for filtering. URL Lists support URLs and URL parts (such as scheme, path, or ...
    • Reporter Logging

      When an Internet request goes through the Lenovo NetFilter filtering system, Lenovo NetFilter records information about the request in its ‘Request Logs’. You can use the Lenovo NetFilter Reporter subsystem to create different kinds of reports from ...
    • Custom Reports Overview

      Use the Custom Report page to create or edit a report. Enter the Report Name, Description and Owner. For Report Type, if Demand is chosen, select the Date Range. For Scheduled Reports, select the Interval and Start Date and for Continuous Reports, ...
    • Quick Search Reports

      Quick Search is used to directly search for specific items in the Request Log. Like a web search engine, the Quick Search feature allows you to reduce the number of search results by entering one or more criteria that a record must satisfy to be ...