Filtering |
On this page you can setup the rules that are used by Dr.Web ICAPD for blocking of webpages for users as well as define rules for filtering files depending on them type and size. Content The section contains the settings of blocking access to different categories of webpages. Also it contains paths to all used user-defined white and black lists of webresources. Blocking access to websites The several (, etc.) checkboxes allow you to enable or to disable blocking access to websites of the corresponding categories. If blocking is enabled, on the access attempt the user will receive a special HTML page containing notification that access to a website is blocked.
Managing of black and white lists Dr.Web ICAPD uses access control lists which contain addresses of Internet resources, access to which is blocked or allowed. Apart form the list of Internet resource categories, that are distributed with Dr.Web ICAPD and updated automatically by Doctor Web company, the administrator can create and configure unlimited number of user-defined lists. You can create both black and white access control lists. User-defined black lists block access and white lists allow access to certain websites. User-defined white lists can be of the following types: •Trusted white list (WhiteHosts). All content from the specified hosts is passed without scanning for viruses. •Permissive white list (WhiteDWS). Users can access the specified hosts regardless whether or not they match a category of Internet resource categories list; however, access to the hosts is forbidden if they are specified in a user-defined black list. Note the following features of user-defined lists: •If a host is included in a trusted white list, access to it is controlled as usual: the host is checked whether it is included in an active category of Internet resource categories list in compliance with the rules and then—whether it is included in a user-defined black list. •If a host is included in a user-defined black list, access to this host is blocked unconditionally; that is, you cannot create a redefining rule that allows access to such a resource. Moreover, user-defined black lists take precedence over user-defined permissive white lists, that is, if a host is added both to a user-defined white list and to a user-defined black list, access to this host is blocked. Parameters: •—path to the directory with files of Internet resource categories list used by Dr.Web ICAPD on the protected station. •—permissive user-defined white list. The parameter value is a list of paths to text files on the station, separated by commas. The specified files contain hosts which content is not to be checked for matching a black list category. However, the content is to be scanned for viruses. The parameter is necessary to allow access to those websites which are blocked due to being included in a black list. •—user-defined black list. The parameter value is a list of paths to text files on the station, separated by commas. The specified files contain hosts access to web sites on which is to be blocked. •—trusted user-defined white list. The parameter value is a list of paths to text files on the station, separated by commas. The specified files contain hosts which content is not to be scanned for viruses. However, the content is to be checked for matching a black list. Please note, this parameter only disables anti-virus check of files received from this hosts but does not allow the access to the hosts. MIME Filtering The section contains the only one editable multi-line field . In this field, you can specify rules of anti-virus checking of the transferred data depending on MIME type and size. Text in the field is always starting with the line MimeStart and ending with the line MimeEnd. Between these lines you should specify the rules of content filtering, one rule per one line.
Filtering rules are specified as follows (elements are separated by the space sign):
where •<MIME type>—it is a MIME type of content, for example: ▫*—file of any type ▫application—executables, archives, MS Office and PDF documents, etc. ▫audio—audio files (mp3, wav, wma, etc.) ▫image—images (gif, jpg, png, svg, etc.) ▫message—messages between web servers and clients ▫multipart—containers (mail files, packed files) ▫text—text or source code (html, xml, css, etc.) ▫video—video files (mpeg-1, mp4, wma) ▫model—3D models files. You can specify either a family of MIME types or a concrete type (for example, video indicates any video files, video/mpeg—only file of MPEG type). The rule specified for the nearest matching MIME type is applied to an object. Thus, the rule specified for files of any type "*" is applied only if no other rule matching the object MIME type is found. •<action1>—action (scan, pass, reject) that is applied if the object size of this MIME type is not greater than the specified <size> value. •<size>—threshold size. If the object size of this MIME type is not greater than this threshold, <action1> is applied; otherwise <action2> is applied. •<action2>—action (scan, pass, reject) that is applied if the object size is greater than the specified <size> value. If the key value all is specified as the size, only the first action (<action1>) is applied to all objects of this MIME type not depending on their size. In this case, it is not required to specify <action2>. The following actions are allowed: •scan—send the file for anti-virus scanning •pass—pass the file to the user without scanning •reject—reject the file and return another object. This action must be specified with a switch that defines what data is returned to the user: ▫-report—return an HTML page notifying the user that the file is blocked ▫-trunc—return a requested file truncated to zero length (empty file).
The order in which filtering rules are specified is indifferent. Definitions The section contains the only one editable multi-line field . In this field, you can specify your own macros that can be used in rules which allow or block access to websites depending on some conditions. The macros are specified in the [def] section. Rules The section contains the only one editable multi-line field Access rules. In this field, you can specify your own rules which allow or block access to websites depending on some conditions.The rules are specified in the [match] section.
|