F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
54
To:
(acl_to)
Only accepts connections to the designated list of hosts.
For examples, see “
Access Control
”, 65.
If you edit the
To these hosts
setting by using the web console, the ftp to field is updated
in /opt/f-secure/fsigk/conf/hosts.allow.
DNS reverse lookup
DNS Reverse Lookup (reverselookup)
Looks up the DNS entry for the source IP address.
When you enable DNS reverse lookup, you can use <host name>.<domain name> format to
specify the [Access control]=[From these hosts] settings. The host name of the accessing host
is also shown in the access log.
However, this setting reduces the processing speed of the system slightly.
Exclude these targets from the virus scan
Skip scanning for:
Host name
Hosts:
(acl_pass_to)
Skips virus scanning for connections to the specified hosts.
Usually, all data is saved and transmitted to the client only after the virus scanning has
completed. If you enable this setting, the data for connections to the specified hosts is
forwarded as soon as it is received.
For examples, see “
Access Control
”, 65.
If you edit the
Host name
setting by using the web console, the ftp pass to field is updated
in /opt/f-secure/fsigk/conf/hosts.allow.
File name or extension
Files/Extensions:
(pass_ext, pass_ext_list)
Skips virus scanning for files with the specified file names or extensions.
Separate each name with a comma (",") by using backward matching (a file is skipped if the
trailing characters of the file name match the specified file name or extension). The setting is
not case sensitive.
The setting does not apply to files contained in archived files.
The maximum length of the setting is 1999 bytes.
File size
Filesize:
(pass_filesize, pass_filesize_len)
Skips virus scanning for file data beyond the specified size.
Usually, all data is saved and transmitted to the client only after the virus scanning has
completed. If you enable this setting, the data beyond the specified length in a file is
forwarded as soon as it is received.
Note that this setting may cause that viruses contained in large files are not detected.
Maximum scanning time
Maximum scanning time
(vsd_scantimeout)
Sets a maximum time for scanning files.
If you set the value as zero, the scanning time is unlimited.
The default is 90 seconds.