F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
55
If scanning takes a long time, this setting terminates scanning after the specified time. Note,
however, that if you set a shorter scanning time, it limits the extent to which archived and other
large files can be scanned.
Riskware scanning
Scan riskware
(riskware_check)
Enables riskware scanning. This detects riskware as well as known viruses.
For more information about riskware, see “
Riskware
”, 168.
Skip these targets
Skip scanning for riskware:
(pass_riskware)
Excludes the specified riskware from detection.
You can specify riskware by using the format "Category.Platform.Family". You can use
wildcards (*) in the Category, Platform, and Family names. For example, "Client-IRC.*.*"
excludes all riskware in the Client-IRC category.
The maximum length of the setting is 1999 bytes.
Separate each setting in the setup file with a semicolon (";").
Transparent proxy
Transparent Proxy mode
(transparent)
Enables the transparent proxy mode.
A NAT redirection setting is required when the proxy operates as a transparent proxy. Use one
of the following methods to specify the NAT redirection setting:
•
Use the "
Edit NAT (iptables) redirect settings". To do this, click
Edit NAT (iptables)
redirect settings
.
•
Use the iptables command from the command line to specify the setting as follows. (The
example shows the port number being set to 9021.)
#
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 21 ¥
-j REDIRECT --to-port 9021
For more information, see “
Transparent Proxy
”, 108.
Edit NAT (iptables) redirect settings
NAT
Specifies the NAT redirection settings. If you select the [FTP redirect] checkbox, all
connections for port 21 are redirected to the FTP proxy (port 9021).