4.1.2. Procedure – CF — Configuring the zorp-utils package

Purpose: 

If you are installing CF, then configure the zavupdate tool that updates the databases of the virus filtering engines:

Steps: 

Each verbosity level of zavupdate (selected in Step 5) includes the logs of the levels above it; for example, Verbose logging also includes all errors and successful update messages.

  • No logging: logging is disabled

  • Errors only: only error messages

  • Normal logging: error messages and successful updates

  • Verbose logging: detailed logging

  • Everything: log everything, including the output of the updater programs of ClamAV and/or NOD32

  1. FTP proxy: The zavupdate application can download database updates through FTP or HTTP. Enter the URL of the FTP proxy to be used (or NONE if the updates can be downloaded directly without using a proxy server).

    Figure 4.3. Configuring zorp-utils - Configuring the FTP proxy for database updates

  2. HTTP proxy: The zavupdate application can download database updates through FTP or HTTP. Type the URL of the HTTP proxy to be used (or NONE if the updates can be downloaded directly without using a proxy server).

    Figure 4.4. Configuring zorp-utils - Configuring the HTTP proxy for database updates

  3. Send update logs in e-mail: zavupdate can send the logs of the periodic AV update to the administrator through e-mail. Type the address of the administrator and the subject to be used in these e-mails. If you do not want e-mail notifications, enter NONE.

    Figure 4.5. Configuring zorp-utils - Specifying the administrator's e-mail address

    Note

    It is not advised to use a personal e-mail address. Instead, use the address of a shared folder that is accessible to everyone it concerns, or the address of a mailing list. In this way, more than one administrator can be notified at the same time, and the archive of the messages can be accessed by more than one administrator.

  4. Specifying e-mail prefix: zavupdate can add a prefix to the subject of the e-mails it sends to make sorting the messages easier for the administrator. Type a prefix (for example the name of the host in square brackets), or leave these fields blank. You can use command substitution with backticks (`) to include the output of any Linux shell command in the subject. The command is run before sending the e-mail, and its output becomes the prefix of the e-mail.

    Note

    This setting can only be changed manually later. Therefore, make sure that you enter a value that you will not want to change.

    As a best practice, use a command rather than a fixed name. A command dynamically follows the changes to your infrastructure, whereas a fixed name does not. For example, if you use the name of the host myhost1 and later you rename your host myhost2, you will still be receiving e-mails with the myhost1 prefix, which can be confusing.

    Figure 4.6. Configuring zorp-utils - Specifying a prefix for the administrator's e-mail messages

    In practice, the prefix can be used in your mail client (or on the mail server) to move these mails automatically to a subfolder of the inbox, and to differentiate between e-mails originating from several firewalls. This is especially useful if, for example, you have several firewalls and want to easily identify the firewall that had an unsuccessful update.

    Example 4.1. 

    For example, if you use hostname --long as the prefix, you can later determine the exact origin of the message from the prefix, because it is displayed as the Fully Qualified Domain Name (FQDN) of the host.

    Note

    If you want to change this setting later, you can reconfigure zorp-utils with the following terminal command:

    dpkg-reconfigure zorp-utils

  5. Verbosity level of zavupdate: Select the level of verbosity of zavupdate.

    Figure 4.7. Configuring zorp-utils - Configuring the verbosity of zavupdate — options
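
A pre-flight check for the e-mail prefix described in Step 4, as an added example that is not part of the Zorp documentation or the zorp-utils package: it previews what a candidate prefix expands to and refuses anything other than one simple, allowlisted command. It assumes the prefix is expanded like ordinary shell backtick substitution; preview_prefix and ALLOWED_CMDS are hypothetical names.

```shell
#!/bin/sh
# Added example: preview a zavupdate subject prefix before typing it in.
# Assumption: the prefix expands like ordinary shell backtick substitution.
ALLOWED_CMDS="hostname uname"   # hypothetical allowlist; adjust to local policy
bt='`'

# preview_prefix RAW: print the expanded prefix; non-zero status if rejected.
preview_prefix() {
    raw=$1
    case $raw in
        *"$bt"*) ;;                              # has a substitution: inspect it
        *) printf '%s\n' "$raw"; return 0 ;;     # fixed text: nothing is executed
    esac
    before=${raw%%"$bt"*}                        # text before the first backtick
    rest=${raw#*"$bt"}
    case $rest in
        *"$bt"*) ;;
        *) echo "unbalanced backtick" >&2; return 2 ;;
    esac
    cmd=${rest%%"$bt"*}                          # command between the backticks
    after=${rest#*"$bt"}
    case $after in
        *"$bt"*) echo "more than one substitution" >&2; return 2 ;;
    esac
    # Characters outside this set would be interpreted by a shell (chaining,
    # pipes, redirection, globs, further expansion), so reject them.
    leftover=$(printf '%s' "$cmd" | LC_ALL=C tr -d 'A-Za-z0-9 ._/-')
    if [ -n "$leftover" ]; then
        echo "rejected characters in command: $leftover" >&2; return 3
    fi
    set -- $cmd                                  # split into words (no globs left)
    case " $ALLOWED_CMDS " in
        *" $1 "*) ;;
        *) echo "command not on allowlist: $1" >&2; return 3 ;;
    esac
    # Run the command directly, without a shell, and report a failure.
    out=$("$@") || { echo "command failed: $cmd" >&2; return 4; }
    printf '%s%s%s\n' "$before" "$out" "$after"
}

# Stand-alone use: ./preview_prefix.sh '[`hostname --long`]'
[ $# -eq 0 ] || preview_prefix "$1"
```

Status 4 means the command itself failed on this host, which is worth catching before the value is entered, because the setting can only be changed manually later.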