kavhttpd — Kaspersky AV in HTTP mode integrated in Kernun UTM
service kavhttpd
{ bases_being_updated
| bases_check
| bases_date
| bases_last_update
| bases_redownload
| bases_update
| bases_update_slp
| hash
| keyinfo
| kill_orphans
| licinfo
| reload
| restart
| start
| status
| stop
| test
| version
}
Kavhttpd is controlled by this RC script. This page describes the special configuration parameters and commands for the RC script.
The kavhttpd is configured by rc.conf(5).
The working configuration file for
kavhttpd is created by this script from the
configuration parameters. The working configuration file for
kavhttpd is located at
/usr/local/kav_httpd/etc/kavhttpd.xml
.
The working configuration file for
keepup2date8 (the bases update program) is
created by this script from the configuration parameters. The
working configuration file for keepup2date8 is
located at
/usr/local/kav_httpd/etc/keepup2date8.xml
.
The following special variables can be set:
kavhttpd_port
The TCP port the kavhttpd should listen for connections.
kavhttpd_addr
The IP address or hostname the kavhttpd should listen for connections.
kavhttpd_maxhttpsessionsnum
The maximum number of active HTTP sessions that
are handled by KAV HTTPD simultaneously. Extra connections are
queued by the system. The queue size is defined by
kavhttpd_acceptqueuelen
.
kavhttpd_acceptqueuelen
The length of the queue of pending connections to the kavhttpd (the backlog argument to the listen(2) syscall). 0 means the system default.
kavhttpd_maxtcpfilesize
The maximum size (in bytes) of the file contents which can be passed to KAV HTTPD.
kavhttpd_sessiontimeout
The timeout for processing the request and sending the response, in milliseconds. To use an infinite timeout, set this value to 0.
kavhttpd_scannerscount
The number of scanning processes. The maximum permissible number of scanning processes is 256. Note that in out-of-process mode every scanner process uses its own copy of anti-malware database. Thus initializing with a large number of scanner processes consumes considerable time and memory resources. It is recommended to use kavhttpd_scannerscount equal to the number of CPU cores.
kavhttpd_threadscount
The maximum number of simultaneously running scanning threads. The scanning threads are distributed among scanning processes. The maximum permissible number of scanning threads is 256.
kavhttpd_queuelen
The maximum length of the scanning task queue. The queue is used in asynchronous scanning. All the scanning processes take the scanning tasks from a single queue.
kavhttpd_loglevel
0 disables logging. 1 enables full logging mode. Use this mode for debugging purposes.
The following extra commands can be used.
bases_being_updated
Checks whether the bases update is being performed at the moment. Returns 1 if yes. Returns 0 if not.
bases_check
Runs the kav internal program for checking the bases consistence.
bases_date
Prins the bases release timestamp.
bases_last_update
Prints the timestamp when the last succesful bases update has finished (either the bases were updated or they were already up-to-date).
bases_redownload
Deletes the bases and downloads it from a scratch.
bases_update
Updates the bases now. The progress is printed to log and to stderr. Eventual errors are printed to stdout. Return 0 if the update was succcessfull.
bases_update_slp
Sleeps random time (0..1800 sec) and updates the bases. The progress is printed to log and stderr. Eventual errors are printed to stdout. Return 0 if the update was succesful.
hash
Prints the configuration hash.
keyinfo
Prints the information on the KAV KEY file.
kill_orphans
Kills the eventual 'kavscanner' orphans. They may occur, when the 'kavscanner' is inappropriately killed.
licinfo
Prints the information on the KERNUN-KAV license file. Returns 0 if the license is valid.
reload
Same as restart.
restart
Restarts the kavhttpd.
start
Starts the kavhttpd.
status
Whethe the kavhttpd is running.
stop
Stops the kavhttpd.
test
[filename ...
]Performs a basic AV test: CLEAN and EICAR files are tested. Returns 0 upon success. If files are given, they are tested instead of CLEAN and EICAR. If files are given, the return code is always 0.
version
Prins the version of kavhttpd.