Firewall block can not works normally with 'contains ' rule


Firewall block can not works normally with 'contains ’ rule.

Below is the rule exp:

(not in {“CN”} and http.request.full_uri contains “admin.”)


It will alow all access to ‘admin.*.com’ not matter whether I change my ip from CN to US
Do you have any ideas . Thanks.


So you want to block all countries, except for China, for admin.?

Just two notes. If you only want to exclude China ne might be better than not in and if you want to filter the hostname would be better than http.request.full_uri.

( ne "CN" and contains "admin.")

Assuming that rule wont work for you either, can you post the actual URL you want to protect?


After use your rule and I change IP to de, it still does not change the access to that url.


Are you sure the rule is enabled and the host in question is proxied?


Yes. It is ‘on’.


Only if I remove ’ contains’ , it works


Well, without the URL it is impossible to say more.


admin url

Ok,The url is above.
the rule is on bellow

( ne “CN” and contains “admin”)



It appears the block works just fine.


Thanks. It works now . Using VPN may be better than Using proxy to to change IP for seeing the result.

closed #11

This topic was automatically closed after 30 days. New replies are no longer allowed.