F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
33
Enables riskware scanning. This detects riskware as well as known viruses.
For more information about riskware, see “
Riskware
”, 119.
Skip these targets
Skip scanning for riskware:
(pass_riskware)
Excludes the specified riskware from detection.
Specify the riskware by using the format "Category.Platform.Family". You can use wildcards
(*) in the Category, Platform, and Family names. For example, "Client-IRC.*.*" excludes all
riskware in the Client-IRC category.
The maximum length of the setting is 1999 bytes.
Separate each setting in the setup file with a semicolon (";").
Keep-alive connection
Keep-Alive connection
(keepalive)
Uses a Keep-Alive connection (persistent connection). In practice, a Keep-Alive connection is
only used if both the server and client support Keep-Alive and all the following conditions are
met:
•
Keep-Alive connection setting is enabled.
•
The value of "Connection" in the response header of the HTTP/1.1 response
is not "close". "Connection" or "Proxy-Connection" in the HTTP/1.0 response
starts with "keep-alive".
•
The Content-Length in the response header is 1 or more, and the response
code is 304, 204, or 1xx.
•
Content-Length does not appear more than once in the request header or
response header.
•
Not a virus detection response.
•
The connection to the server was established successfully and no error
occurred.
•
Not FTP over HTTP.
•
Not the CONNECT method.
Timeout
Timeout
(keepalive_timeout)
Specifies a timeout (in seconds) for Keep-Alive connections of 1 second or more. After the
HTTP response is complete, the session is disconnected once the specified time elapses.
Leaving a Keep-Alive connection open monopolizes a proxy process. If you increase the
timeout value, make sure that there is a sufficient margin in the maximum number of
simultaneous connections.
Anonymous proxy
Anonymous Proxy
(anonymous)
Disables the sending of information about the proxy or client (Via and X-Forwarded-For
headers) to the server.
Transparent proxy
Transparent Proxy mode
(transparent)
Enables the transparent proxy mode.
If you use the HTTP proxy in transparent mode, you need to set the NAT redirection. To do this,
use one of the following methods:
•
Click the “
Edit NAT (iptables) redirect settings
” to use the "Edit NAT (iptables) redirect
settings ".