Manual Pages
Table of Contents
na_vscan - control virus scanning for files on the filer
vscan
vscan extensions { include | exclude } [ reset | set ext_list
| add ext-list | remove ext-list ]
vscan [ on [-f] | off ]
vscan options timeout [ reset | set <value> ]
vscan options abort_timeout [ reset | set <value> ]
vscan options mandatory_scan [ on | off ]
vscan options use_host_scanners [ on | off ]
vscan options client_msgbox [ on | off ]
vscan reset
vscan scanners [stop scanner-IP-address | secondary_scanners
[ scanner-IP-address [, scanner-IP-address ]]]
The vscan command allows for control and configuration of
virus scanning for files on the filer.
vscan
Displays vscan settings and provides summary information
about scan requests. This information includes
- -
- Whether virus scan is enabled or disabled
- -
- A list of virus scanners that are currently
connected to the filer. The list contains the IP
address and the name of the virus scanner, if the
scanner is a primary or secondary, the length of
time the scanner has been connected to the filer,
the number of requests serviced by the scanner and
how many failures were reported by the scanner.
Note, this information is reset when a scanner disconnects
and then reconnects again.
- -
- A list of file extensions that will cause the
filer to request a scan.
- -
- A list of file extensions that are specifically
exempt from scanning.
- -
- The total number of files that have been
scanned since vscan was last enabled
- -
- The number of scan failures that have been
reported. Failures include scans which have
detected viruses, scan requests which timed out and
client requests which would normally trigger a scan
but for which no scanners were available
The counts for a scanner are set to zero when it
connects (or reconnects) to the filer. The vscan
totals and counts for each scanner are zeroed when
vscan is enabled. This occurs, for example, when
the filer boots, when cifs is restarted, or when
the command `vscan on' is entered on the filer console.
Because of this, the overall filer totals
will not necessarily match the totals obtained by
adding the values for the scanners.
vscan extensions { include | exclude } [ reset | set ext_list
| add ext-list | remove ext-list ]
ext-list is a comma separated list of at most six letters
file extensions. The include list determines if a given
file should be scanned for viruses. The exclude list
determines if a given file should not be scanned for
viruses. If an extension is listed on both the exclude and
the include list, then files with that extension are not
scanned for viruses. If an extension is not listed on
either the include list or the exclude list, then files
with that extension are not scanned for viruses. The character
? is a wild card. When it is not the last character,
it matches any single character. When it is the last
character, or part of a trailing sequence of ? , it
matches any number of characters (0, 1 or more). The
exception is if it is in the first or second position,
when it matches any or no character only.
For example, putting C?? into the extension list would
cause the filer to scan the files ABC.C, ABC.CPP, ABC.C++,
ABC.CPLUS and so on.
For example, putting C? into the extension list would
cause the filer to scan the files ABC.C, ABC.CP and so on;
but not ABC.CPP
For example, putting A?C into the extension list would
cause the filer to scan the files ABC.ABC, ABC.ACC and so
on; but not ABC.AC
For example, putting ? into the extension list would
cause the filer to scan the files ABC.A, ABC.C, ABC and so
on; but not ABC.AC
Usage of
vscan extensions command ext-list
has been deprecated. Instead, please use
vscan extensions include command ext-list
vscan extensions { include | exclude }
Displays the current file extension list.
vscan extensions { include | exclude } reset
Restores the file extension list to a default list provided
by Network Appliance.
vscan extensions { include | exclude } set ext-list
Specifies a new extension list which replaces the current
list.
vscan extensions { include | exclude } add ext-list
Adds new entries to the current file extension list.
vscan extensions { include | exclude } remove ext-list
Removes entries from the current file extension list.
vscan [ on [-f] | off ]
Enables/disables on-access virus scanning for files on the
filer. The f flag forces virus scanning to be enabled
even if there are no vscan servers available to scan files
for the filer.
vscan options
Displays the current values of the virus scan options.
vscan options timeout [ reset | set <value> ]
Displays the current virus scan timeout value in seconds.
This value determines how long the filer will wait for the
vscan server to perform a virus scan request. After this
time period elapses, the filer allows the scan to continue
but contacts the vscan server to ensure that it is still
functioning and is still scanning the file. This allows
the filer to detect and recover from a vscan server failure
which occurs while a scan is in progress. The timeout
value may be reset to a NetApp-provided default value. It
is also possible to set the timeout.
vscan options abort_timeout [ reset | set <value> ]
Displays the current virus scan abort_timeout value in
seconds. This value determines how long the filer will
wait for the vscan server to perform a virus scan request.
Even if the file is still being scanned, the filer will
abort the scan. The filer may deny access to the file if
this time period elapses, depending on the setting for the
vscan option mandatory_scan. The timeout value may be
reset to a NetApp-provided default value. It is also possible
to set the timeout. Note that setting the timeout to
0 disables this option. If the abort_timeout setting is 0,
the filer will wait forever for a scan to complete as long
as the vscan server reports that it is making progress.
vscan options mandatory_scan [ on | off ]
Displays the current setting for the mandatory_scan
option. If set to "on", then access to files will be
denied if a virus scan cannot be performed, for example
because no scanners are available. If this option is set
to "off" then access to files is allowed if it is not possible
to scan the file.
vscan options use_host_scanners [ on | off ]
Displays the current setting for the use_host_scanners
option. If set to "on", then vfilers will be allowed to
use vscan servers which are registered with the hosting
filer. If this option is set to "off" then a vfiler can
only use vscan servers which have registered to the
vfiler's IP address.
vscan options client_msgbox [ on | off ]
Displays the current setting for the client_msgbox option.
If set to "on", the filer will attempt to send a pop-up
MsgBox to the opener of an infected file.
vscan reset
Discards cached information of files that have been successfully
scanned.
vscan scanners [stop scanner-IP-address | secondary_scanners
[ scanner-IP-address [, scanner-IP-address ]]]
Displays a list of vscan servers which have offered to
scan files for the filer, or terminates the connection to
a specified vscan server, or specifies which vscan
server(s) should be classified as secondary scanners. Secondary
scanners are not used by the filer to perform scans
unless there are no primary scanners available. To remove
all secondary scanners from the list, use a pair of double
quotes ("") as the argument.
Filer1> vscan
Virus scanning is enabled.
Virus scanners(IP and Name) P/S Connect time (dd:hh:mm) Reqs Fails
----------------------------------------------------------------------------
100.400.100.10 \C5-4 Pri 00:00:45 138 1
102.101.100.99 \CCOLIN-WIN2K Pri 00:00:32 120 0
List of extensions to scan:
ARJ,ASP,BAT,BIN,DOC,DOT,DRV,EXE,INI,SYS,VBS
List of extensions not to scan:
Extensions-not-to-scan list is empty.
Number of files scanned: 158
Number of scan failures: 1
When run from a vfiler context, (e.g. via the vfiler run
command), vscan operates on the concerned vfiler.
na_vfiler(1)
Table of Contents