-N is a prefix indicating that the command belongs to the group of commands for managing network traffic scan settings.
kesl-control -N --query
The command outputs lists of exclusions from encrypted connections scanning:
Command syntax
kesl-control -N --query user
kesl-control -N --query auto
kesl-control -N --query kl
kesl-control --clear-web-auto-excluded
This command clears the list of domains that the application has automatically excluded from scanning.
Command syntax
kesl-control -N --clear-web-auto-excluded
kesl-control --get-net-settings
This command outputs the current network traffic scan settings to the console or a configuration file.
Command syntax
kesl-control [-N] --get-net-settings [--file <configuration file path>] [--json]
Arguments and keys
--file <configuration file path>: the path to the configuration file to output the network traffic scan settings to. If you do not specify the --file option, settings will be output to the console.
If you specify the name of a file without its path, the file will be created in the current directory. If a file already exists in the specified path, it will be overwritten. If the specified directory does not exist, no configuration file will be generated.
--json is specified to output the settings in JSON format. If the --json option is not specified, the settings are output in the INI format.
kesl-control --set-net-settings
This command configures the network traffic scan settings with command options or by importing settings from a configuration file.
Command syntax
Define settings via command options:
kesl-control [-N] --set-net-settings <option name>=<option value> [<option name>=<option value>]
Define settings via a configuration file:
kesl-control [-N] --set-net-settings --file <configuration file path> [--json]
Arguments and keys
where <setting name>=<setting value> is the name and value of one of the network traffic scan settings.
--file <configuration file path>: the full path to the configuration file to import network traffic scan settings from.
--json is specified to import the settings from the configuration file into the application in JSON format. If the --json option is not specified, the application attempts to import from an INI file. If the import fails, an error is displayed.
kesl-control --list-certificates
This command outputs a list of trusted root certificates.
Command syntax
kesl-control [-N] --list-certificates
kesl-control --add-certificate
This command adds a certificate to the list of trusted root certificates.
Command syntax
kesl-control [-N] --add-certificate <path to certificate>
Arguments and options
<path to certificate> is the path to the certificate file that you want to add (PEM or DER format).
kesl-control --remove-certificate
This command removes a certificate from the list of trusted root certificates.
Command syntax
kesl-control [-N] --remove-certificate <certificate subject>
kesl-control --add-bypass-endpoints
This command lets you add traffic interception exclusion.
Command syntax
kesl-control [-N] --add-bypass-endpoints --direction <in|out> --remote-ip <remote IP address> --dst-port <destination port>
Arguments and keys
<in|out> is the direction of traffic in the excluded connection, outbound or inbound.
<remote IP address> is the IPv4 or IPv6 address of the remote device. If you exclude inbound traffic from interception, traffic coming from the specified IP address is excluded. If you exclude outbound traffic from interception, traffic going to the specified IP address is excluded.
<destination port> is a port on the protected device (exclusion for inbound traffic) or a port on the remote device (exclusion for outbound traffic). Traffic to this port is excluded from interception.
kesl-control --list-bypass-endpoints
This command lets you view the list of configured traffic interception exclusions.
Command syntax
kesl-control [-N] --list-bypass-endpoints