vcf

vcf — Vela Content Vectoring Server

Synopsis

vcf [options]

Description

The Vela Content Vectoring Server (VCF) is a content scanning framework providing stream and file scanning services for vela(8). VCF runs as a separate application and can be accessed over TCP, UNIX domain sockets and standard input and output file handles. The behaviour of VCF can be controlled via the vcf.cfg(5) configuration file.

Options

--verbose <verbosity> or -v <verbosity>

Set verbosity level to <verbosity>, or if <verbosity> is omitted increment it by one. Default the verbosity level is 3; possible values are 0-10.

--no-syslog or -l

Send log messages to the standard output instead of syslog. This option implies foreground mode, overriding the contradicting process options if present.

--log-spec <spec> or -s <spec>

Set verbosity mask on a per category basis. The format of this value is described in vela(8).

--log-tags or -T

Enable logging of message tags.

--foreground or -F

Do not daemonize, run in the foreground.

--help or -h

Display a brief help message.

--vela-mode <ctrl-fd> or -z <ctrl-fd>

Start in Vela mode using the <ctrl-fd> file descriptor and remain in the foreground. In this mode only a single scan is performed on the data on the standard input. Results are sent to the standard output. (Naturally, log messages are not sent to the standard output in this mode, as this would interfere with the scanning results.) This mode is used mainly for testing purposes.

--rule-group <rule-group> or -R <rule-group>

The value for the vcf_rule_group routing variable in Vela mode.

--config <file> or -c <file>

Use the configuration file <file> instead of the default /etc/vcf/vcf.cfg file.

--pidfile <file> or -P <file>

Use <file> as pid file instead of the default /var/run/vcf/vcf.pid file.

Operation

VCF scans the contents of incoming streams. VCF has multiple channels, each performing a possibly different set of actions on the incoming stream. These channels are called "scanpaths", i.e. a scanpath is an ordered set of modules and their associated settings. The scanpath to be used is selected based on meta information provided by Vela and meta information gathered about the stream by VCF itself. This scanpath selection mechanism is called "routing decision" and is controlled by the router rules.

To summarize, VCF operates as follows: A connection is established between Vela and VCF. VCF selects a scanpath (i.e. makes the routing decision) based the collected information, the router rules and information received from Vela. The scanpath determines the modules to use and their associated settings. After the modules process the data received in the stream, the result of the scanning operation is sent back to Vela.

Files

/etc/vcf/

The routing and configuration file formats are described in /etc/vcf/vcf.cfg and /etc/vcf/router.cfg.

Author

This manual page was written by the BalaSys Documentation Team <documentation@balasys.hu>.

Copyright

Copyright © 1996-2024 Balasys IT Zrt. All rights reserved.

Previous Up Next
 Home