Kaspersky Scan Engine

ICAP rules

This section describes the ICAP rules page of Kaspersky Scan Engine GUI. Using the ICAP rules page, you can add, remove, and edit ICAP rules. You can create as many ICAP rules as you want.

This page is available if Kaspersky Scan Engine is initialized in ICAP mode.

If an error occurred while loading the web page and the settings are unavailable, reload the page.

ICAP rules page

When you open the ICAP rules page, Kaspersky Scan Engine reads the following data,which is to be used when editing ICAP rules:

• Names of the response patterns that are stored in the directory specified in the ResponsesPath element of the ICAP Plugin configuration file
• Names of the scripts that are stored in the directory specified in the CmdPath element of the ICAP Plugin configuration file

A single ICAP rule contains the following fields:

• ICAP mode that is relevant for the rule

  You can select one of the following ICAP modes:

  • Request
  • Response
  • Any

• Scan result after which the rule is activated

  You can select one of the following scan results:

  • Detect
  • Not scanned
  • Failed
  • Macro
  • Phishing
  • Any
  • Clean
• Response pattern

  This response pattern is used on a blocked web page after the rule is activated.

  When the ICAP rules web page is loaded, you can choose one of the response patterns received by Kaspersky Scan Engine. In an ICAP rule, you can specify either the response pattern or the script to execute, but not both.

  You can leave this field empty.

• Script to execute

  This script is executed after the rule is activated.

  When the ICAP rules web page is loaded, you can choose one of the scripts got by Kaspersky Scan Engine. In an ICAP rule, you can specify either the response pattern or the script to execute, but not both.

  You can leave this field empty.