Filtering

On this page you can setup the rules that are used by Dr.Web ICAPD for blocking of webpages for users as well as define rules for filtering files depending on them type and size.

The section contains the settings of blocking access to different categories of webpages. Also it contains paths to all used user-defined white and black lists of webresources.

The several Block (Block adult content, etc.) checkboxes allow you to enable or to disable blocking access to websites of the corresponding categories. If blocking is enabled, on the access attempt the user will receive a special HTML page containing notification that access to a website is blocked.

Note that one Internet resource can be included in several categories. In this case, access to this resource is blocked if at least one category is active. If it is necessary to allow access to such a resource, deactivate all categories where it is included. Also you can create the rules that grant access to it depending on some conditions.

Dr.Web ICAPD uses access control lists which contain addresses of Internet resources, access to which is blocked or allowed. Apart form the list of Internet resource categories, that are distributed with Dr.Web ICAPD and updated automatically by Doctor Web company, the administrator can create and configure unlimited number of user-defined lists.

You can create both black and white access control lists. User-defined black lists block access and white lists allow access to certain websites.

•Trusted white list (WhiteHosts). All content from the specified hosts is passed without scanning for viruses.

•Permissive white list (WhiteDWS). Users can access the specified hosts regardless whether or not they match a category of Internet resource categories list; however, access to the hosts is forbidden if they are specified in a user-defined black list.

•If a host is included in a trusted white list, access to it is controlled as usual: the host is checked whether it is included in an active category of Internet resource categories list in compliance with the rules and then—whether it is included in a user-defined black list.

•If a host is included in a user-defined black list, access to this host is blocked unconditionally; that is, you cannot create a redefining rule that allows access to such a resource. Moreover, user-defined black lists take precedence over user-defined permissive white lists, that is, if a host is added both to a user-defined white list and to a user-defined black list, access to this host is blocked.

•DWS files directory—path to the directory with files of Internet resource categories list used by Dr.Web ICAPD on the protected station.

•White lists for content filtering—permissive user-defined white list. The parameter value is a list of paths to text files on the station, separated by commas. The specified files contain hosts which content is not to be checked for matching a black list category. However, the content is to be scanned for viruses. The parameter is necessary to allow access to those websites which are blocked due to being included in a black list.

•User black lists—user-defined black list. The parameter value is a list of paths to text files on the station, separated by commas. The specified files contain hosts access to web sites on which is to be blocked.

•White lists for anti-virus scanning—trusted user-defined white list. The parameter value is a list of paths to text files on the station, separated by commas. The specified files contain hosts which content is not to be scanned for viruses. However, the content is to be checked for matching a black list. Please note, this parameter only disables anti-virus check of files received from this hosts but does not allow the access to the hosts.

The section contains the only one editable multi-line field MIME filtering rules. In this field, you can specify rules of anti-virus checking of the transferred data depending on MIME type and size.

Text in the field is always starting with the line MimeStart and ending with the line MimeEnd. Between these lines you should specify the rules of content filtering, one rule per one line.

Content filtering requires the proxy server to support the ICAP preview mode. Moreover, ensure that the Use preview mode checkbox is set on the Proxy page.

Filtering rules are specified as follows (elements are separated by the space sign):

You can specify either a family of MIME types or a concrete type (for example, video indicates any video files, video/mpeg—only file of MPEG type).

The rule specified for the nearest matching MIME type is applied to an object. Thus, the rule specified for files of any type "*" is applied only if no other rule matching the object MIME type is found.

•<action1>—action (scan, pass, reject) that is applied if the object size of this MIME type is not greater than the specified <size> value.

•<size>—threshold size. If the object size of this MIME type is not greater than this threshold, <action1> is applied; otherwise <action2> is applied.

•<action2>—action (scan, pass, reject) that is applied if the object size is greater than the specified <size> value.

If the key value all is specified as the size, only the first action (<action1>) is applied to all objects of this MIME type not depending on their size. In this case, it is not required to specify <action2>.

•reject—reject the file and return another object. This action must be specified with a switch that defines what data is returned to the user:

Note that the reject action must not be specified without a switch.

The section contains the only one editable multi-line field Definitions. In this field, you can specify your own macros that can be used in rules which allow or block access to websites depending on some conditions. The macros are specified in the [def] section.

The section contains the only one editable multi-line field Access rules. In this field, you can specify your own rules which allow or block access to websites depending on some conditions.The rules are specified in the [match] section.

For details on macros and rules, refer to Appendix A.