Clarity with wildcards used for custom objects

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Clarity with wildcards used for custom objects

L1 Bithead

I'm trying to have a clear understanding of wild cards and ending tokens when using them for custom URL categories. What's the difference in behavior when using *.site.com/  versus   site.com/  ??? The pop-up doesn't seem to mention wild cards in the scenario.

 

"if you want to allow xyz.com and enter the domain as 'xyz.com,' you will allow xyz.com and URLs such as xyz.com.random.com. However, if you enter the domain as 'xyz.com/,' you will only allow xyz.com."

 

Some of the threads here haven't been clear on the differences.

1 ACCEPTED SOLUTION

Accepted Solutions

Community Team Member

Hi @dgagnon ,

 

Does this KB answer your question ?

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oM79CAE&lang=en_US%E2%80%A...

 

Cheers,

-Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Don't forget to hit that Like button if a post is helpful to you!

View solution in original post

3 REPLIES 3

Community Team Member

Hi @dgagnon ,

 

Does this KB answer your question ?

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oM79CAE&lang=en_US%E2%80%A...

 

Cheers,

-Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Don't forget to hit that Like button if a post is helpful to you!

Hi  @kiwi

That does help to provide some additional context to the text within the pop-up menu. The challenge is trying to determine if there are inaccuracies in the description. For example: the pop-up box says "if you enter the domain as xyz.com/, you will only allow xyz.com." and the link you found says "google.com/   - will match only google.com" on line 8. This lines up with the example provided from the pop-up.

 

However, on line 5 from the link it says: " *.google.com/   - will match blog1.blog2.google.com but will not match google.com"  This is where I'm a little confused as I'm struggling to understand why the line 5 example would only match a domain name with sub-domains and not the domain AND any other sub-domains.  I'm inheriting a poorly managed firewall and if line 5 is correct, if I want to block badsite.com and any other subdomains on that site (download.badsite.com or chat.badsite.com) I will need to have two (2) entries in the filter: badsite.com/ and *.badsite.com/. I want to ensure I'm applying these rules properly and not inadvertently permitting access to site we're trying to block or preventing access to sites we need to allow.

Community Team Member

Hi @dgagnon ,

 

Correct, if you want to block badsite.com and any other subdomains on that site you will have two (2) entries in the filter:

 

badsite.com/

 

*.badsite.com/

 

Cheers,

-Kiwi

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Don't forget to hit that Like button if a post is helpful to you!
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!