I made a 1 page cheat sheet on vscan for our customers a while ago (attached).  CIFS only (unless that changed) and ONTAP will send scan requests for the extensions listed..shouldn't get to the scan engine at all if not in the ONTAP list.

Thank you Scott!

Maico

Scott,

If I used ‘do?’, will it scan doc and docx

Maico

According to this KB, yes it will http://support.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=81989    The "do?" will check the first 3 characters only... both doc and docx meet the criteria.  To get the fourth character there is a list of bug fixes at the kb that support this, but you can use do? for the list to get both file types.

Thanks Scott.

I was reading documentation of vscan and it mentioned this.

For example, putting C?? into the extension list would cause the filer to scan the files ABC.C, ABC.CPP, ABC.C++, ABC.CPLUS and so on.

For example, putting C? into the extension list would cause the filer to scan the files ABC.C, ABC.CP and so on; but not ABC.CPP

So I am confuse as to whats the real deal. My question is, which is a better practice? Using the inclusion or exclusion? Using exclusion seems more ideal because it means you don’t have to keep track of all extensions that are introduced in your network. You only have to know what you want to exclude.

Maico

I agree… exclusion is most often easier. The guide is correct with any match in the ? character position you list will match regardless of what follows but any extension matching that placeholder and prior fixed value.