When configured according to this tutorial, the related configuration files of Zorp and ZCV should look something like this:
zcv.cfg.
<!--
This file is generated by the Management System. Do not edit!
-->
<configuration name="zcv">
<section name="router">
<router>/etc/zcv/router.cfg</router>
</section>
<section name="misc">
<tempdir>/var/lib/zorp/tmp</tempdir>
<magic_length>1500</magic_length>
</section>
<section name="bind">
<unix>/var/run/zcv/zcv.sock</unix>
<ip/>
<port>1318</port>
</section>
<section name="log">
<loglevel>3</loglevel>
<logtags>1</logtags>
</section>
<section name="blob">
<max_disk_usage>1074790400</max_disk_usage>
<max_mem_usage>268435456</max_mem_usage>
<lowat>100663296</lowat>
<hiwat>134217728</hiwat>
<noswap_max>16384</noswap_max>
</section>
</configuration>
<configuration name="scanpaths">
<section name="http">
<plugins>clamav:clamav</plugins>
<quarantine_mode>rejected</quarantine_mode>
<threshold_oversize>10485760</threshold_oversize>
<oversize_action>accept</oversize_action>
<trickle_mode>percent</trickle_mode>
<trickle_percent>10</trickle_percent>
<magic_force>0</magic_force>
<gzip_detect>1</gzip_detect>
<gzip_level>4</gzip_level>
<gzip_strip>extra</gzip_strip>
<accept_corrupted_file>0</accept_corrupted_file>
<accept_encrypted_file>0</accept_encrypted_file>
<accept_unknown_packed_file>0</accept_unknown_packed_file>
<accept_file_with_warning>0</accept_file_with_warning>
<accept_on_os_error>0</accept_on_os_error>
<accept_on_engine_error>0</accept_on_engine_error>
<accept_on_license_error>0</accept_on_license_error>
</section>
</configuration>
<configuration name="module-options">
<section name="vbuster">
<archive_max_size>10</archive_max_size>
<archive_max_ratio>100</archive_max_ratio>
<vdb_error_soft_fail>0</vdb_error_soft_fail>
</section>
<section name="nod32">
<archive_max_size>10</archive_max_size>
<daemon_timeout>60</daemon_timeout>
<daemon_socket>/var/run/nod32/nod32d.sock</daemon_socket>
<temp_directory>/tmp</temp_directory>
</section>
</configuration>
<configuration name="clamav">
<section name="clamav">
<mode>file</mode>
<scan_packed>1</scan_packed>
</section>
</configuration>router.cfg.
# # This file is generated by the Management System. Do not edit! # zcv_rule_group="http" http
policy.py.
class HttpVirusProxy(HttpProxy):
def config(self):
HttpProxy.config(self)
self.response_stack["GET"]=(HTTP_STK_DATA, (Z_STACK_PROVIDER, "ZCV", "http_get"))
self.response_stack["POST"]=(HTTP_STK_DATA, (Z_STACK_PROVIDER, "ZCV", "http"))
self.request_stack["POST"]=(HTTP_STK_MIME, (Z_STACK_PROVIDER, "ZCV", "http"))
self.response_header["Accept-Ranges"]=(HTTP_HDR_REPLACE, "NONE")
self.response_header["A-IM"]=HTTP_HDR_DROP
self.request_header["Range"]=HTTP_HDR_ABORT
def demo_instance() :
Service(name='demo_instance/intra_http_inter', router=TransparentRouter(), chainer=ConnectChainer(), proxy_class=HttpVirusProxy, max_instances=0, max_sessions=0, keepalive=Z_KEEPALIVE_NONE)
Rule(rule_id=1,
src_zone=('*', ),
dst_zone=('internet', ),
proto=6,
service='demo_instance/intra_http_inter'
)Published on May 30, 2024
© BalaSys IT Ltd.
Send your comments to support@balasys.hu
