Setting Esets For Scanning Of Http Communication - Transparent Mode; Setting Esets For Scanning Of Ftp Communication - Transparent Mode - ESET GATEWAY SECURITY Installation Manual

A.1. Setting ESETS for scanning of HTTP communication - transparent
mode
The HTTP communication scanning is performed using esets_http daemon. In the [http]
section of ESETS configuration file set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8080
where 'listen_addr' is the address of local network interface named if0. Then restart ESETS
daemon The next step is to redirect all HTTP requests to esets_http. In case of IP-filtering
provided by ipchains administration tool an appropriate rule is:
ipchains -A INPUT -p tcp -i if0 --dport 80 \
-j REDIRECT 8080
If IP-filtering mechanism is provided by iptables administration tool, the rule is:
iptables -t nat -A PREROUTING -p tcp -i if0 \
--dport 80 -j REDIRECT --to-ports 8080
On FreeBSD, the rule is as follows:
ipfw add fwd 192.168.1.10,8080 tcp \
from any to any 80 via if0 in
On NetBSD and Solaris:
echo 'rdr if0 0.0.0.0/0 port 80 -> 192.168.1.10 \
port 8080 tcp' | ipnat -f -
A.2. Setting ESETS for scanning of FTP communication - transparent
mode
The FTP communication scanning is performed using esets_ftp daemon. In the [ftp] section
of ESETS configuration file set these parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 2121
where 'listen_addr' is the address of local network interface named if0. Then restart ESETS
daemon The next step is to redirect all FTP requests to esets_ftp. In case of IP-filtering provided
by ipchains administration tool an appropriate rule is:
ipchains -A INPUT -p tcp -i if0 --dport 21 \
-j REDIRECT 2121
If IP-filtering mechanism is provided by iptables administration tool, the rule is:
34 ESET Gateway Security