Contents x
Configuration
    • PDF
    Contents

    Configuration

      • PDF
      Article Summary

      ICAP-Plugin is shipped as a component of Glasswall Halo, with a default configuration of that ICAP-Plugin represented as a file called: config.toml that the ICAP-Plugin will read and process during booting up and while it is running.

      ICAP Plug-in Variable Settings

      app Section:

      • log_level is a string variable.
      • log_service_url is a string variable.
      • log_flush_duration is an integer variable.
      • port is an integer variable which contains port number which ICAP requests are forwarded to it, default value is 1344.
      • max_filesize is an integer variable which contains the maximum file size that can be extracted by ICAP-Plugin, default value is 10000000 bytes.
      • resp_scanner_vendor_shadow is deprecated.
      • req_scanner_vendor_shadow is deprecated.
      • bypass_extensions is an array which contains the file extensions which can’t be extracted by ICAP-Plugin and sent to GW engine, default value is an empty array.
      • process_extensions is an array which contains the file extensions which will be processed by ICAP-Plugin and sent to GW engine, default value is an asterisk meant to process all files except those defined in the bypass_extensions array. 
      • preview_bytes is an integer variable to decide the number of bytes which would be previewed if message preview is enabled.
      • preview_enabled is a boolean variable to control enabling message preview.
      • propagate_error is a boolean variable to return one of two values, if the propagate_error value is true there is a function which returns a specific value from two parameters but is it’s value is false, it returns the another value from the two parameters.
      • service_caption is a string variable which contains a brief about the services like services names or service provider name.
      • services is a array which should contain any service you are using or added in the config.toml file.
      • verify_server_cert is a bool variable to enable/disable the verification of the API services digital certificate in case TLS/SSL protocol is used.

      service name Section

      • vendor is a string variable which contains the name of the service vendor.
      • service_caption is a string variable which contains a brief about the service like service name.
      • service_tag is a string variable which is a representation of the software version or configuration of a service. An ISTag validates that previous ICAP server responses can still be considered fresh by an ICAP client that may be caching them. If a change on the ICAP server invalidates previous responses, the ICAP server can invalidate portions of the ICAP client's cache by changing its ISTag.
      • shadow_service is a bool variable to enable and disable the shadow service, shadow service is a mode of ICAP-Plugin allow extracting files from ICAP request and processing it using GW engine for logging and debugging issues not to return the clean (processed) file to the user.
      • req_mode is a bool variable to enable and disable ICAP request mode.
      • resp_mode is a bool variable to enable and disable ICAP response mode.
      • base_url is a string variable which contains the link of the API of the service.
      • scan_endpoint is a string variable which contains the endpoint which the file will be sent to.
      • api_key is a string variable which contains the API key of the service API.
      • timeout is a integer variable which contains the HTTP request which will be sent to service API timeout.
      • fail_threshold is an integer variable, if the number of detected viruses or malwares is greater than fail_threshold, this file is not secure.
      • policy is a string variable which contains the policy but before initialising it make sure that you added “\” before special characters and you can do that by using a tool such as: string escaper. You can change the policy on the fly by changing it in the config.toml file.
      • return_original_if_unprocessable_file_type is a bool variable to enable returning the original file to the user if the file type which wanted to be processed is not supported by the service API. if it equals to false, it will return a HTML file which contains information about the file.
      • return_original_if_400_response is a bool variable to enable returning the original file to the user if the HTTP response status code of the response wich returned from the service API equals to 400 which means a bad request. if it equals to false, it will return a HTML file which contains information about the file.
      Note
      ICAP-Plugin supports reading from env variable if value is not in toml file feature and it supported for any data type used in this project.

      To use this feature assume that there is an env variable called LOG_LEVEL and you want to assign LOG_LEVEL value to app.log_level, you will change the value of (log_level= "debug") to (log_level= "$_LOG_LEVEL").

      Before you use this feature please make sure that the env variable that you want to use is globally in your machine and not just exported in a local session.


      If you want to add an array as an env variable in your machine, please add a backslash before special characters like white spaces, double quotes and commas.

      Eg: export ARRAY= "[\"txt\", \"pdf\", \"dmg\", \"exe\", \"com\", \"rar\", \"unknown\"]".

      Don't forget to put the value between double quotes in case there are white spaces in the value.



      Was this article helpful?
      What's Next