The rule anti-printscreen-whitelist command configures an anti-printscreen whitelist rule. If a snapshot program defined in the anti-printscreen whitelist rule runs on the terminal, the terminal can access the network.
The undo rule anti-printscreen-whitelist command deletes an anti-printscreen whitelist rule.
rule rule-name anti-printscreen-whitelist { md5 md5-value | sha256 sha256-value | process-name process-name }
undo rule rule-name anti-printscreen-whitelist { md5 md5-value | sha256 sha256-value | process-name process-name }
| Parameter | Description | Value |
|---|---|---|
rule-name |
Specifies the name of a rule. |
The value is a string of 1 to 63 case-sensitive characters. |
md5 md5-value |
Specifies an MD5 value for the snapshot program. |
The value is a string of 32 case-insensitive characters, which can be digits (0 to 9) or letters (a to f or A to F). |
sha256 sha256-value |
Specifies an SHA256 value for the snapshot program. |
The value is a string of 64 case-insensitive characters, which can be digits (0 to 9) or letters (a to f or A to F). |
process-name process-name |
Specifies the name of a snapshot program. |
The value is a string of 1 to 127 case-sensitive characters. |
Before you use the rule anti-printscreen-whitelist command, run the rule type command to add a host check policy rule.
A program or file may not be identified by name because the name of the program or file is changeable. SHA256 or MD5 is recommended. An SHA256 or MD5 value can uniquely identify a program or file. A rule can have a maximum of five verification values.
After the anti-printscreen function is enabled, the device defends against the software in the anti-printscreen software list. If a terminal user cannot log in to the virtual gateway due to a snapshot software, check whether the snapshot software exists in the anti-printscreen software list. If yes, add the software to the anti-printscreen whitelist.
# Configure an anti-printscreen whitelist rule to permit the program whose MD5 value is e86aaf94e1e4ad198a139f65d62ab79c.
<sysname> system-view [sysname] v-gateway abc [sysname-abc] hostchecker [sysname-abc-hostchecker] eps-policy policy1 [sysname-abc-hostchecker-policy1] rule rule1 type anti-printscreen-whitelist [sysname-abc-hostchecker-policy1] rule rule1 anti-printscreen-whitelist md5 e86aaf94e1e4ad198a139f65d62ab79c