FPOLICY is a way to impose the restrictions/rule which can be used to generate the reports meeting certain criteria. This is needed if you wanted to check for mp3/mpeg in inappropriate directory, to allow only a certain type of file to be created in a directory etc. Following example outlines the steps to verify only .doc is allowed in CV volume.
Create a policy allow_doc of type screen
#fpolicy create allow_doc screen
Add the desired volume to policy
#fpolicy vol inc add allow_doc /vol/CV_vol
Exclude the extension(s) from policy
#fpolicy ext exclude add allow_doc docx
Define trigger when policy should kick into check the extension (while creating and renaming it)
#fpolicy monitor add allow_doc -p cifs -f create,rename
Turn on the policy
#fpolicy options allow_doc required on
#fpolicy enable allow_doc -f
Verify the settings
#fpolicy
File policy allow_doc (file screening) is enabled.
No file policy servers are registered with the filer.
Operations monitored:
File create,File rename
Above operations are monitored for CIFS only
List of extensions to screen:
???
List of extensions not to screen:
DOCX
Number of requests screened : 0
Number of screen failures : 0
Number of requests blocked locally : 6
No comments yet.