kavhttpd — Kaspersky AV in HTTP mode integrated in Kernun UTM
service kavhttpd { bases_being_updated | bases_check | bases_date | bases_last_update | bases_redownload | bases_update | bases_update_slp | hash | keyinfo | kill_orphans | licinfo | reload | restart | start | status | stop | test | version }
Kavhttpd is controlled by this RC script. This page describes the special configuration parameters and commands for the RC script.
The kavhttpd is configured by rc.conf(5).
The working configuration file for
kavhttpd is created by this script from the
configuration parameters. The working configuration file for
kavhttpd is located at
/usr/local/kav_httpd/etc/kavhttpd.xml.
The working configuration file for
keepup2date8 (the bases update program) is
created by this script from the configuration parameters. The
working configuration file for keepup2date8 is
located at
/usr/local/kav_httpd/etc/keepup2date8.xml.
The following special variables can be set:
kavhttpd_portThe TCP port the kavhttpd should listen for connections.
kavhttpd_addrThe IP address or hostname the kavhttpd should listen for connections.
kavhttpd_maxhttpsessionsnumThe maximum number of active HTTP sessions that
are handled by KAV HTTPD simultaneously. Extra connections are
queued by the system. The queue size is defined by
kavhttpd_acceptqueuelen.
kavhttpd_acceptqueuelenThe length of the queue of pending connections to the kavhttpd (the backlog argument to the listen(2) syscall). 0 means the system default.
kavhttpd_maxtcpfilesizeThe maximum size (in bytes) of the file contents which can be passed to KAV HTTPD.
kavhttpd_sessiontimeoutThe timeout for processing the request and sending the response, in milliseconds. To use an infinite timeout, set this value to 0.
kavhttpd_scannerscountThe number of scanning processes. The maximum permissible number of scanning processes is 256. Note that in out-of-process mode every scanner process uses its own copy of anti-malware database. Thus initializing with a large number of scanner processes consumes considerable time and memory resources. It is recommended to use kavhttpd_scannerscount equal to the number of CPU cores.
kavhttpd_threadscountThe maximum number of simultaneously running scanning threads. The scanning threads are distributed among scanning processes. The maximum permissible number of scanning threads is 256.
kavhttpd_queuelenThe maximum length of the scanning task queue. The queue is used in asynchronous scanning. All the scanning processes take the scanning tasks from a single queue.
kavhttpd_loglevel0 disables logging. 1 enables full logging mode. Use this mode for debugging purposes.
The following extra commands can be used.
bases_being_updatedChecks whether the bases update is being performed at the moment. Returns 1 if yes. Returns 0 if not.
bases_checkRuns the kav internal program for checking the bases consistence.
bases_datePrins the bases release timestamp.
bases_last_updatePrints the timestamp when the last succesful bases update has finished (either the bases were updated or they were already up-to-date).
bases_redownloadDeletes the bases and downloads it from a scratch.
bases_updateUpdates the bases now. The progress is printed to log and to stderr. Eventual errors are printed to stdout. Return 0 if the update was succcessfull.
bases_update_slpSleeps random time (0..1800 sec) and updates the bases. The progress is printed to log and stderr. Eventual errors are printed to stdout. Return 0 if the update was succesful.
hashPrints the configuration hash.
keyinfoPrints the information on the KAV KEY file.
kill_orphansKills the eventual 'kavscanner' orphans. They may occur, when the 'kavscanner' is inappropriately killed.
licinfoPrints the information on the KERNUN-KAV license file. Returns 0 if the license is valid.
reloadSame as restart.
restartRestarts the kavhttpd.
startStarts the kavhttpd.
statusWhethe the kavhttpd is running.
stopStops the kavhttpd.
test [filename ...]Performs a basic AV test: CLEAN and EICAR files are tested. Returns 0 upon success. If files are given, they are tested instead of CLEAN and EICAR. If files are given, the return code is always 0.
versionPrins the version of kavhttpd.