The ICAP mode configuration file, kavicapd.xml
, consists of several sections that specify settings for the kavicapd service and KAV SDK.
Preparing the ICAP mode configuration file after manual installation
If you installed Kaspersky Scan Engine manually, you need to copy the ICAP mode configuration to a location where kavicapd service can find it. By default, the configuration file is located at %distr_kit%/etc/kavicapd.xml
.
After installing Kaspersky Scan Engine, copy kavicapd.xml
to your preferred location:
kavicapd.xml
to the /etc/
directory, Kaspersky Scan Engine automatically finds and parses this file.kavicapd.xml
to a different location, you need to set the path to this location when you start Kaspersky Scan Engine manually.Parameters of the ICAP mode configuration file
Following are the sections of the ICAP mode configuration file, kavicapd.xml. An example configuration file is at the end.
The ICAP mode configuration file contains the following parent elements:
Some sections of the configuration file are optional. However, if a section exists in the configuration file, all of its child elements must be present. Elements must not be empty, unless stated otherwise.
Structure of the configuration file
Following is an example ICAP mode configuration file.
<Configuration>
<SDKSettings> <ScannersCount>4</ScannersCount> <ThreadsCount>8</ThreadsCount> <QueueLen>1024</QueueLen> <ScanTimeout>10000</ScanTimeout> <!-- 0 = unlimited --> <LicensePath> <BasesPath> <TempPath>/tmp/kavicapd</TempPath> <LicensingMode>1</LicensingMode><!-- 1 = offline licensing mode; 2 - online licensing mode --> <ScanningMode>KAV_O_M_PACKED | KAV_O_M_ARCHIVED | KAV_O_M_MAILPLAIN | KAV_O_M_MAILBASES | KAV_O_M_HEURISTIC_LEVEL_SHALLOW</ScanningMode> <MaxArchivesScanningDepth>0</MaxArchivesScanningDepth> </SDKSettings>
<KSNSettings> <UseKSN>0</UseKSN> <ObjectCheckOnDemandTimeoutMs>10000</ObjectCheckOnDemandTimeoutMs> <CacheSizeKb>30720</CacheSizeKb> </KSNSettings>
<UpdateSettings> <DisableBackup>0</DisableBackup> <UpdatePeriodMinutes>30</UpdatePeriodMinutes> <!-- 0 = turn update off --> <UseOnlyCustomSources>0</UseOnlyCustomSources> <UpdateSources> <!-- <Source></Source> --> </UpdateSources> <UpdatesCertFile></UpdatesCertFile> <CertificateConfirmationAction>0</CertificateConfirmationAction> <UseReducedBases>0</UseReducedBases> </UpdateSettings>
<ProxySettings> <UseProxy>0</UseProxy> <Host>myproxy.mycompany.com</Host> <Port>3128</Port> <User>doOTrypDTxpVJxUHYeKQTw==</User> <Pass>8mSHXFix3uL+RP9oNeKDZQ==</Pass> </ProxySettings>
<FormatRecognizerSettings> <FormatsToSkipScanning> <KAV_FF_GENERAL_TXT/> <KAV_FF_GENERAL_CSV/> <KAV_FF_AUDIO_WMA/> </FormatsToSkipScanning> </FormatRecognizerSettings>
<ICAPSettings> <Port>1344</Port> <ReqModeAddress>req</ReqModeAddress> <RespModeAddress>resp</RespModeAddress> <MaxIcapSessionsCount>100</MaxIcapSessionsCount> <ScanMaxFileSize>0</ScanMaxFileSize> <!-- 0 = unlimited --> <RAMUsageLimit>0</RAMUsageLimit> <!-- 0 = unlimited --> <Allow204>0</Allow204> <KeepAliveSettings><!-- Support for processing multiple requests during one connection --> <Enabled>1</Enabled> <TimeoutMs>5000</TimeoutMs> <MaxRequests>1000</MaxRequests> </KeepAliveSettings> <RequestingICAPHeaders> <ICAPHeader>HTTPUserNameICAPHeader</ICAPHeader> <ICAPHeader>HTTPClientIpICAPHeader</ICAPHeader> </RequestingICAPHeaders> <HTTPClientIpICAPHeader>X-Client-IP</HTTPClientIpICAPHeader> <HTTPUserNameICAPHeader>X-Client-Username</HTTPUserNameICAPHeader> <VirusNameICAPHeader></VirusNameICAPHeader> <DatabaseVersionICAPHeader>X-AV-Database-time</DatabaseVersionICAPHeader> <SendInfectionFoundICAPHeader>0</SendInfectionFoundICAPHeader> <SendResponseInfoICAPHeader>0</SendResponseInfoICAPHeader> <SendResponseDescICAPHeader>0</SendResponseDescICAPHeader> <SendViolationsFoundICAPHeader>0</SendViolationsFoundICAPHeader> <ScanInReqMode>All</ScanInReqMode> <ScanInRespMode>Content</ScanInRespMode> <RulesFilePath>/opt/kaspersky/ScanEngine/icap_data/kavicapd_gui_rules.conf</RulesFilePath> <CmdPath>/opt/kaspersky/ScanEngine/icap_data/scripts</CmdPath> <ResponsesPath>/opt/kaspersky/ScanEngine/icap_data/templates</ResponsesPath> <TransferBeforeScanEnding Delay="10" ChunkSize="4" BlockedUrlCacheEnabled="1" BlockedUrlCacheKb="5000" BlockedUrlCacheTtlSec="1800">0</TransferBeforeScanEnding> <Exclusions> <!-- Signs of highly likely uninfected resources. --> <!-- Note: ContentSize - more or equal (use only once), ContentType - as is, RequestURL - masks can be used --> <!-- <ContentSize>102400</ContentSize> <ContentType>audio/mpeg</ContentType> <ContentType>image/jpeg</ContentType> <RequestURL>*.kaspersky.com/.*</RequestURL> --> </Exclusions> <!-- Possible values: update, reload, reopen-log (reopens syslog format log files) --> <USR1SignalAction>update</USR1SignalAction> <USR2SignalAction>reopen-log</USR2SignalAction> <!-- The path to the logging configuration file. Only this file will be used as the ICAP logging configuration file. If the LoggingConfigFilePath element has the empty value, the icapdkavlog.conf file located in the kavicapd binary file directory is used. --> <LoggingConfigFilePath></LoggingConfigFilePath> </ICAPSettings>
</Configuration> |