Customizing Active Update settings

Some Active Update settings, such as the number of the port to which SNS firewalls must connect, or the frequency of automatic updates, cannot be configured in the SMC web interface. However, these settings can be modified in a configuration file.

In this file, you can also indicate an HTTPS proxy to contact, which will serve as a link between SMC and the Stormshield update server, if you wish.

1. Open the /data/config/activeupdate/config.ini file.

   [General]
   State=false
   Port=8081
   Host=0.0.0.0
   
   [Sync]
   Source=https://update1-sns.stormshieldcs.eu/package
   Categories=ALL
   Tries=3
   AutoUpdate=false
   AutoUpdatePeriod=0 */3 * * *
   
   [Proxy]
   Host=
   Port=
   User=
   Password=
   CAPath=

2. Change the settings as desired:

   State	Enables the Active Update server on SMC.
   Port	Port of the SMC server on which SNS firewalls must connect.
   Host	Network interfaces on which the SMC server listens.  Replace this value with eth0, eth1 for example to indicate that only interfaces eth0 and eth1 are used.
   Source	URL of the Stormshield server from which Active Update databases are downloaded.
   Categories	List of Active Update databases that you wish to download from the SMC server. The values of the database categories are as follows. Separate them with commas. Database category Value All databases ALL Antispam: DNS blacklists ANTISPAM Antispam: heuristic engine VADERETRO Embedded URL database URLFILTERING Antivirus: ClamAV antivirus signatures CLAMAV Antivirus: antivirus signatures of the previous Advanced Antivirus service KASPERSKY Antivirus: antivirus signatures of the new Advanced Antivirus service ADVANCEDAV1 IPS: contextual protection signatures PATTERNS Root Certification Authorities ROOTCERTS Geolocation/Public IP reputation IPDATA Vulnerability management SEISMO Application and web service icons METADATA
   Tries	Number of tries when the database update fails.
   AutoUpdatePeriod	Frequency of database updates. The possible values are in CRON format. By default, 0 */3 * * * means that databases will be updated every 3 hours.
   Host	Address or name of the proxy server. May be an IP address or an FQDN.
   Port	Number of the listening port on the proxy server.
   User	User name to authenticate on the proxy server, if it requires authentication.
   Password	Password to authenticate on the proxy server, if it requires authentication.
   CAPath	Path to the certificate of the certification authority (CA) that signed the certificate presented by the proxy server.

3. Save the file. Changes will be immediately applied;
4. Only if the State setting has been modified, restart the SMC server with the command nrestart smc.