Appendix A. Esets Setup And Configuration; Setting Esets For Scanning Of Http Communication - Transparent Mode; Setting Esets For Scanning Of Ftp Communication - Transparent Mode; Setting Esets For Scanning Of Icap Encapsulated Http Messages - ESET GATEWAY SECURITY - FOR LINUX BSD AND SOLARIS Installation Manual
Table of Contents
Advertisement
9. Appendix A. ESETS setup and configuration
9.1 Setting ESETS for scanning of HTTP communication - transparent mode
HTTP scanning is performed using the esets_http daemon. In the [http] section of the ESETS configuration file, set
the following parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 8080
In the example above, 'listen_addr' is the address of the local network interface named 'if0'. Restart the ESETS
daemon. The next step is to redirect all HTTP requests to esets_http. If IP-filtering is being performed by the ipchains
administration tool, an appropriate rule would be:
ipchains -A INPUT -p tcp -i if0 --dport 80 -j REDIRECT 8080
If IP-filtering is being performed by the iptables administration tool, the rule is:
iptables -t nat -A PREROUTING -p tcp -i if0 --dport 80 -j REDIRECT --to-ports 8080
On FreeBSD, the rule is:
ipfw add fwd 192.168.1.10,8080 tcp from any to any 80 via if0 in
On NetBSD and Solaris, the rule is:
echo 'rdr if0 0.0.0.0/0 port 80 -> 192.168.1.10 port 8080 tcp' | ipnat -f -
9.2 Setting ESETS for scanning of FTP communication - transparent mode
FTP scanning is performed using the esets_ftp daemon. In the [ftp] section of the ESETS configuration file, set the
following parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 2121
In the above example, 'listen_addr' is the address of the local network interface named 'if0'. Restart the ESETS
daemon. Then, redirect all FTP requests to esets_ftp. If IP-filtering is being performed by the ipchains administration
tool, an appropriate rule would be:
ipchains -A INPUT -p tcp -i if0 --dport 21 -j REDIRECT 2121
If IP-filtering is being performed by the iptables administration tool, the rule is:
iptables -t nat -A PREROUTING -p tcp -i if0 --dport 21 -j REDIRECT --to-ports 2121
On FreeBSD, the rule is:
ipfw add fwd 192.168.1.10,2121 tcp from any to any 21 via if0 in
On NetBSD and Solaris, the rule is:
echo 'rdr if0 0.0.0.0/0 port 21 -> 192.168.1.10 port 2121 tcp' | ipnat -f -
9.3 Setting ESETS for scanning of ICAP encapsulated HTTP messages
ICAP encapsulated HTTP message scanning is performed using the esets_icap daemon. In the [icap] section of the
ESETS configuration file, set the following parameters:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 1344
In the example above, 'listen_addr' is the address of the local network interface named 'if0'. After adding these
parameters, restart the ESETS daemon.
25
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for ESET GATEWAY SECURITY - FOR LINUX BSD AND SOLARIS
Related Products for ESET GATEWAY SECURITY - FOR LINUX BSD AND SOLARIS
- ESET MAIL SECURITY - ANNEXE 209
- ESET MAIL SECURITY - FOR LINUX BSD AND SOLARIS
- ESET MAIL SECURITY 4
- ESET MAIL SECURITY 4 - FOR MICROSOFT EXCHANGE SERVER 2000-2003-2008
- ESET MAIL SECURITY 4 - V4.2 FOR MICROSOFT EXCHANGE SERVER
- ESET MOBILE ANTIVIRUS - ANNEXE 480
- ESET MOBILE ANTIVIRUS - FOR WINDOWS MOBILE
Need help?
Do you have a question about the GATEWAY SECURITY - FOR LINUX BSD AND SOLARIS and is the answer not in the manual?