Showing results for 
Search instead for 
Did you mean: 

Bypass ICAP Server in MWG 6.8.7


Is it possible in MWG 6.8.7 to bypass the ICAP server for hostnames based on a regex? We want to bypass the ICAP service for simple hostnames, for example http://smile (it's not fully qualified) because we are routing all http/https/ftp-traffic via proxy.pac to the  MWGs and want to bypass content filtering for internal hosts.

My first try was to define ([A-Za-z0-9_-]+) but this didn't work.

Any help will be appreciated.



4 Replies

Re: Bypass ICAP Server in MWG 6.8.7

Why don't you simply bypass proxying to simple  hostnames in the proxy.pac file instead?

You can do this by the function:

if (isPlainHostName(host)) { return DIRECT; }

This is what most people do.

Re: Bypass ICAP Server in MWG 6.8.7

Hi Erik!

That's what we do today.

But we have to separate our test-environment from the development-environment. So in the future we will have two different zones protected by a firewall and the MGW will be the central communication gateway between the two zones. Only the MGW will be allowed to contact the services in the test-environment. Unfortunately there are some common  services in the test-environment which should be reached by the short name, i.e. http://smile


Re: Bypass ICAP Server in MWG 6.8.7

The shell expression patterns in MWG 6.8 are limited. They don't behave like regex.

Version 7 has the ability to do that very easily because you can apply rules to just the URL.Host itself and not the whole URL (scheme://host:port/path?parameters)

I can't see an easy way to isolate a host with no periods in the name without it scanning the entire path, other than putting specific hosts into the ICAP bypass list itself.

Message was edited by: Erik Elsasser on 2/2/11 10:43:55 AM CST

Re: Bypass ICAP Server in MWG 6.8.7


Thank you for the information although I've hoped for better news. Well, so I'm trying to get a list of all those services and define them by the usual way.


More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community