Filtering Java Applets
The filter java command filters out Java applets that return to the Cisco Security Appliance
from an outbound connection. The user still receives the HTML page, but the web page
source for the applet is commented out so that the applet cannot execute. The syntax for filter
java is
filter java port[-port] local-ip mask foreign-ip-mask
The following example specifies that Java applet blocking applies to web traffic on port 80
from local subnet 10.10.10.0 and for connections to any foreign host:
filter java http 10.10.10.0 255.255.255.0 0 0