How file size limits work – Fortinet 100A User Manual

Page 301

Advertising
background image

Antivirus

config antivirus service http

FortiGate-100A Administration Guide

01-28007-0068-20041203

301

config antivirus service http

unset <keyword>

end

get antivirus service [http]

show antivirus service [http]

How file size limits work

The memfilesizelimit is applied first to all incoming files, compressed or

uncompressed. If the file is larger than the limit the file is passed or blocked according
to the user configuration in the firewall profile.

The uncompsizelimit applies to the uncompressed size of the file. If other files are

included within the file, the uncompressed size of each one is checked against the
uncompsizelimit value. If any one of the uncompressed files is larger than the

limit, the file is passed without scanning, but the total size of all uncompressed files
within the original file can be greater than the uncompsizelimit.

antivirus service http command keywords and variables

Keywords and
variables

Description

Default

Availability

memfilesizelimit
<MB_integer>

Set the maximum file size (in megabytes)

that can be buffered to memory for virus

scanning.
The maximum file size allowed is 10% of the

FortiGate RAM size. For example, a

FortiGate unit with 256 MB of RAM could

have a threshold range of 1 MB to 25 MB.
Note: For email scanning, the oversize

threshold refers to the final size of the email

after encoding by the email client, including

attachments. Email clients may use a variety

of encoding types and some encoding types

translate into larger file sizes than the

original attachment. The most common

encoding, base64, translates 3 bytes of

binary data into 4 bytes of base64 data. So a

file may be blocked or logged as oversized

even if the attachment is several megabytes

less than the configured oversize threshold.

10 (MB)

All models.

port
<port_integer>

Configure antivirus scanning on a

nonstandard port number or multiple port

numbers for HTTP. You can use ports from

the range 1-65535. You can add up to 20

ports.

80

All models.

uncompsizelimit
<MB_integer>

Set the maximum uncompressed file size

that can be buffered to memory for virus

scanning. Enter a value in megabytes

between 1 and the total memory size. Enter

0 for no limit (not recommended).

10 (MB)

All models.

Advertising
Popular Brands
Popular manuals