There appears to be an issue with using the "Response Body" search criteria when using HTTP filtering.
I've noticed that if you've got any "Response Body" filters set then some downloads may not work because it can't scan the response content. It denies the connection attempt and shows the error "Blocked by the HTTP security filter: the response content is encoded and cannot be scanned". As a test try to access the URL below with a "Response Body" signature filter set.
Original Client IP Client Username Authenticated Client Service Server Name Referring Server Destination Host Name Transport MIME Type Object Source Source Network Destination Network Source Proxy Destination Proxy Bidirectional Client Host Name Filter Information Network Interface Raw IP Header Source Port Processing Time Bytes Sent Bytes Received Result Code Cache Information Error Information Log Record Type Log Time Client IP Destination IP Destination Port Protocol Action Rule URL Client Agent HTTP Method HTTP Status Code Raw Payload
0.0.0.0 anonymous No Proxy CELESTIX-H5L4CS download.smoothwall.org TCP application/x-tar Internet Internal External - - - Blocked by the HTTP security filter: the response content is encoded and cannot be scanned - - 0 401 4349 388 0x800000 0x480 Web Proxy Filter 8/26/2004 8:33:20 AM 192.168.1.8 188.8.131.52 80 http Denied Connection All Open http://download.smoothwall.org/archive/updates/2.0/2.0-fixes4.tar.gz Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461; .NET CLR 1.1.4322) GET 12217 The request was rejected by the HTTP filter. Contact your ISA Server administrator. -
The name of the rule is "All Open" and you guessed it, its like the default ISA 2000 Protocol Rule