ICAP rules

This section describes the ICAP rules page of Kaspersky Scan Engine GUI. Using the ICAP rules page, you can add, remove, and edit ICAP rules. You can create as many ICAP rules as you want.

This page is available if Kaspersky Scan Engine is initialized in ICAP mode.

ICAP rules page

If an error occurred while loading the web page and the settings are unavailable, reload the page.

When you open the ICAP rules page, Kaspersky Scan Engine reads the following data, which is to be used when editing ICAP rules:

• Names of the response patterns that are stored in the directory specified in the ResponsesPath element of the ICAP Plug-in configuration file
• Names of the scripts that are stored in the directory specified in the CmdPath element of the ICAP Plug-in configuration file

A single ICAP rule contains the following fields:

• ICAP mode that is relevant for the rule

  You can select one of the following ICAP modes:

  • Request mode
  • Response mode
  • Any
• Scan result after which the rule is activated

  You can select one of the following scan results:

  • Detected
  • Not scanned
  • Failed
  • Macro
  • Phishing
  • Any
  • Clean
• Response pattern

  This response pattern is used on a blocked web page after the rule is activated.

  When the ICAP rules web page is loaded, you can choose one of the response patterns received by Kaspersky Scan Engine. In an ICAP rule, you can specify either the response pattern or the script to execute, but not both.

  You can leave this field empty.

• Script to execute

  This script is executed after the rule is activated.

  When the ICAP rules web page is loaded, you can choose one of the scripts got by Kaspersky Scan Engine. In an ICAP rule, you can specify either the response pattern or the script to execute, but not both.

  You can leave this field empty.

Kaspersky Scan Engine does not process the rules where Scan result is set to Any and Action is set to None. You must avoid using these rules (see the table below).

Incorrect ICAP rules