Kerio Tech Firewall6 User Manual

Chapter 13

Antivirus control

184

Scanning rules are ordered in a list and processed from the top. Arrow buttons on the right can

be used to change the order. When a rule which matches the object is found, the appropriate

action is taken and rule processing is stopped.

New rules can be created in the dialog box which is opened after clicking the Add button.

Figure 13.8

Definition of an HTTP/FTP scanning rule

Description

Description of the rule (for reference of the WinRoute administrator only)

Condition

Condition of the rule:

•

HTTP/FTP filename

— this option filters out certain filenames (not entire URLs) transmitted by FTP

or HTTP (e.g. *.exe, *.zip, etc.).
If only an asterisk is used for the specification, the rule will apply to any file

transmitted by HTTP or FTP.

The other two conditions can be applied only to HTTP:

•

MIME type

— MIME types can be specified either by complete expressions (e.g. image/jpeg)

or using a wildcard matching (e.g. application/*).

•

URL — URL of the object (e.g. www.kerio.com/img/logo.gif), a string specified

by a wildcard matching (e.g. *.exe) or a server name (e.g. www.kerio.com).
Server names represent any URL at a corresponding server (www.kerio.com/*).

If a MIME type or a URL is specified only by an asterisk, the rule will apply to any HTTP

object.