9. Python code summary

When configured according to this tutorial, the related configuration files of Application-level Gateway and CF should look something like this:

vcf.cfg

<!--
 This file is generated by the Management System. Do not edit!
-->
<configuration name="VCF">
  <section name="router">
    <router>/etc/vcf/router.cfg</router>
  </section>
  <section name="misc">
    <tempdir>/var/lib/vela/tmp</tempdir>
    <magic_length>1500</magic_length>
  </section>
  <section name="bind">
    <unix>/var/run/vcf/vcf.sock</unix>
    <ip/>
    <port>1318</port>
  </section>
  <section name="log">
    <loglevel>3</loglevel>
    <logtags>1</logtags>
  </section>
  <section name="blob">
    <max_disk_usage>1074790400</max_disk_usage>
    <max_mem_usage>268435456</max_mem_usage>
    <lowat>100663296</lowat>
    <hiwat>134217728</hiwat>
    <noswap_max>16384</noswap_max>
  </section>
</configuration>
<configuration name="scanpaths">
  <section name="http">
    <plugins>clamav:clamav</plugins>
    <quarantine_mode>rejected</quarantine_mode>
    <threshold_oversize>10485760</threshold_oversize>
    <oversize_action>accept</oversize_action>
    <trickle_mode>percent</trickle_mode>
    <trickle_percent>10</trickle_percent>
    <magic_force>0</magic_force>
    <gzip_detect>1</gzip_detect>
    <gzip_level>4</gzip_level>
    <gzip_strip>extra</gzip_strip>
    <accept_corrupted_file>0</accept_corrupted_file>
    <accept_encrypted_file>0</accept_encrypted_file>
    <accept_unknown_packed_file>0</accept_unknown_packed_file>
    <accept_file_with_warning>0</accept_file_with_warning>
    <accept_on_os_error>0</accept_on_os_error>
    <accept_on_engine_error>0</accept_on_engine_error>
    <accept_on_license_error>0</accept_on_license_error>
  </section>
</configuration>
<configuration name="module-options">
  <section name="vbuster">
    <archive_max_size>10</archive_max_size>
    <archive_max_ratio>100</archive_max_ratio>
    <vdb_error_soft_fail>0</vdb_error_soft_fail>
  </section>
  <section name="nod32">
    <archive_max_size>10</archive_max_size>
    <daemon_timeout>60</daemon_timeout>
    <daemon_socket>/var/run/nod32/nod32d.sock</daemon_socket>
    <temp_directory>/tmp</temp_directory>
  </section>
</configuration>
<configuration name="clamav">
  <section name="clamav">
    <mode>file</mode>
    <scan_packed>1</scan_packed>
  </section>
</configuration>

router.cfg

#
# This file is generated by the Management System. Do not edit!
#
vcf_rule_group="http" http

policy.py

class HttpVirusProxy(HttpProxy):
    def config(self):
        HttpProxy.config(self)
        self.response_stack["GET"]=(HTTP_STK_DATA, (V_STACK_PROVIDER, "CF", "http_get"))
        self.response_stack["POST"]=(HTTP_STK_DATA, (V_STACK_PROVIDER, "CF", "http"))
        self.request_stack["POST"]=(HTTP_STK_MIME, (V_STACK_PROVIDER, "CF", "http"))
        self.response_header["Accept-Ranges"]=(HTTP_HDR_REPLACE, "NONE")
        self.response_header["A-IM"]=HTTP_HDR_DROP
        self.request_header["Range"]=HTTP_HDR_ABORT
def demo_instance() :
    Service(name='demo_instance/intra_http_inter', router=TransparentRouter(), chainer=ConnectChainer(), proxy_class=HttpVirusProxy, max_instances=0, max_sessions=0, keepalive=V_KEEPALIVE_NONE)

    Rule(rule_id=1,
    src_zone=('*', ),
    dst_zone=('internet', ),
    proto=6,
    service='demo_instance/intra_http_inter'
    )