ICAP rules

This section describes the ICAP rules page of Kaspersky Scan Engine GUI. Using the ICAP rules page, you can add, remove, and edit ICAP rules. You can create as many ICAP rules as you want.

This page is available if Kaspersky Scan Engine is initialized in ICAP mode.

Several lines of ICAP rules. Each line contains settings: ICAP mode, Scan result, Response pattern, Script to execute.

ICAP rules page

If an error occurred while loading the web page and the settings are unavailable, reload the page.

When you open the ICAP rules page, Kaspersky Scan Engine reads the following data, which is to be used when editing ICAP rules:

Names of the response patterns that are stored in the directory specified in the ResponsesPath element of the ICAP Plugin configuration file
Names of the scripts that are stored in the directory specified in the CmdPath element of the ICAP Plugin configuration file

A single ICAP rule contains the following fields:

ICAP mode that is relevant for the rule
You can select one of the following ICAP modes:
- Request mode
- Response mode
- Any
Scan result after which the rule is activated
You can select one of the following scan results:
- Detect
- Not scanned
- Failed
- Macro
- Phishing
- Any
- Clean
Response pattern
This response pattern is used on a blocked web page after the rule is activated.

When the ICAP rules web page is loaded, you can choose one of the response patterns received by Kaspersky Scan Engine. In an ICAP rule, you can specify either the response pattern or the script to execute, but not both.

You can leave this field empty.
Script to execute
This script is executed after the rule is activated.

When the ICAP rules web page is loaded, you can choose one of the scripts got by Kaspersky Scan Engine. In an ICAP rule, you can specify either the response pattern or the script to execute, but not both.

You can leave this field empty.

Kaspersky Scan Engine does not process the rules where Scan result is set to Any and Action is set to None. You must avoid using these rules (see the table below).

Incorrect ICAP rules

ICAP mode	Scan result	Action
Response mode	Any	None
Request mode	Any	None
Any	Any	None

Page top