How do I bypass ICAP scanning for audio, video, Flash, and streaming content?


<< Back to Knowledge Search

Solution

Overview

How do I use CPL  to bypass ICAP scanning for audio, video, flash content and content downloads that take too long or never end?

Cause
Resolution

To bypass ICAP for audio, video, Flash content and for content downloads that never end, such as stock tickers, copy the CPL below to your local policy file.

  1. Launch the ProxySG Management Console and go to Configuration > Policy > Policy Files > Policy Files .
  2. Select Text Editor in the Install Local File from: drop-down menu.
  3. Copy and paste the following CPL into the text editor.
    Note: You need to substitute the <RESPMOD_SERVICE_NAME> for the name of your icap response service.

<cache>

;Rule 1:
url.scheme=http condition=VIDEO_AUDIO_NO_TO_LARGE_CONTENT_LENGTH response.icap_service(no)

;Rule 2: exempts http traffic with user-agent headers of known problematic clients applications from scanning
url.scheme=http condition=SHOUTCAST response.icap_service(no)

;Rule 3: scans all transactions not match by Rule 1 or Rule 2
response.icap_service(<RESPMOD_SERVICE_NAME>)

;Combo condition for both content length too long (1) and streaming media type (2):
define condition VIDEO_AUDIO_NO_TO_LARGE_CONTENT_LENGTH
condition=NO_TO_LARGE_CONTENT_LENGTH condition=MEDIA_MIME_TYPES
end condition VIDEO_AUDIO_NO_TO_LARGE_CONTENT_LENGTH

;Condition 1: exempts http traffic from scanning with content-length headers that are missing or too large
define condition NO_TO_LARGE_CONTENT_LENGTH

;Catch response without a content-length header
response.header.Content-Length=!""

;Catch content-lengths greater than 999999 bytes. Can +/- as desired.
response.header.Content-Length=!"^[0-9]{1,6}$"
end condition NO_TO_LARGE_CONTENT_LENGTH

;Condition 2: defining streaming media mime types for filter identification
define condition MEDIA_MIME_TYPES

;Additional mime-types can be added to this condition
url.extension=flv
url.extension=swf
request.x_header.x-flash-version=""
response.header.Content-Type="video/(x-|)flv"
response.header.Content-Type="video/(x-|)flv"
response.header.Content-Type="video/(x-|)flash"
http.response.data.4.regex.case_sensitive="^CWS[0-9]"
http.response.data.4.regex.case_sensitive="^FWS[0-9]"
response.header.Content-Type="video/"
response.header.Content-Type="application/streamingmedia"
response.header.Content-Type="application/x-streamingmedia"
response.header.Content-Type="application/vnd.rn"
response.header.Content-Type="application/ogg"
response.header.Content-Type="application/x-ogg"
response.header.Content-Type="audio/"

;Catch webcams that send streams of images as multipart/x-mixed-replace type.
response.header.Content-Type="multipart/x-mixed-replace"
end condition MEDIA_MIME_TYPES

;Any changes or additions to the Winamp user-agent can be made in this condition
define condition WINAMPUSERAGENTS
request.header.User-Agent="Winamp"
end condition WINAMPUSERAGENTS

define condition SHOUTCAST
http.response.version=0.9 condition=WINAMPUSERAGENTS
end condition SHOUTCAST

 

  1. Click Install to close the text editor
  2. Apply your policy.
Workaround
Additional Information
Bug Number
InQuira Doc IdKB4673
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      ProxyAV 3, SGOS 5, SGOS 6
Article Number      000010131
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat