Trying to bypass RTMP traffic from ICAP

book

Article ID: 167041

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

When trying to bypass RTMP traffic using KB4673, some RTMP traffic still matches the icap policy and fails due to icap scanning.  

Resolution

In KB4673 it discusses how to bypass and match RTMP protocol types from being sent to antivirus scanning.  This works for the majority of RTMP traffic. 

To resolve this issue add the following CPL code to your local files polices. 

1-  Go to Configuration > Policy > Policy Files > Install local file from: " Select "Text Editor" can click install. 

2- At the bottom of the policy or within the CPL code provided from KB4673 add the following to KB4673 under the section labeled:

;Condition 2: defining streaming media mime types for filter identification
define condition MEDIA_MIME_TYPES
  
response.header.Content-Type="application/x-fcs"

3- Click Install. 

 

Now RTMP traffic that matches this application type will not be