Fortinet 100A Router User Manual


 
Antivirus config antivirus service http
FortiGate-100A Administration Guide 01-28007-0068-20041203 301
config antivirus service http
unset <keyword>
end
get antivirus service [http]
show antivirus service [http]
How file size limits work
The memfilesizelimit is applied first to all incoming files, compressed or
uncompressed. If the file is larger than the limit the file is passed or blocked according
to the user configuration in the firewall profile.
The uncompsizelimit applies to the uncompressed size of the file. If other files are
included within the file, the uncompressed size of each one is checked against the
uncompsizelimit value. If any one of the uncompressed files is larger than the
limit, the file is passed without scanning, but the total size of all uncompressed files
within the original file can be greater than the uncompsizelimit.
antivirus service http command keywords and variables
Keywords and
variables
Description Default Availability
memfilesizelimit
<MB_integer>
Set the maximum file size (in megabytes)
that can be buffered to memory for virus
scanning.
The maximum file size allowed is 10% of the
FortiGate RAM size. For example, a
FortiGate unit with 256 MB of RAM could
have a threshold range of 1 MB to 25 MB.
Note: For email scanning, the oversize
threshold refers to the final size of the email
after encoding by the email client, including
attachments. Email clients may use a variety
of encoding types and some encoding types
translate into larger file sizes than the
original attachment. The most common
encoding, base64, translates 3 bytes of
binary data into 4 bytes of base64 data. So a
file may be blocked or logged as oversized
even if the attachment is several megabytes
less than the configured oversize threshold.
10 (MB) All models.
port
<port_integer>
Configure antivirus scanning on a
nonstandard port number or multiple port
numbers for HTTP. You can use ports from
the range 1-65535. You can add up to 20
ports.
80 All models.
uncompsizelimit
<MB_integer>
Set the maximum uncompressed file size
that can be buffered to memory for virus
scanning. Enter a value in megabytes
between 1 and the total memory size. Enter
0 for no limit (not recommended).
10 (MB) All models.