Configuration Parameters

 Top  Previous  Next

The component uses configuration parameters which are specified in the [NetCheck] section of the integrated configuration file of Dr.Web for UNIX Mail Servers.

The section contains the following parameters:

LogLevel

{logging level}

Logging level of the component.

If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.

Default value: Notice

Log

{log type}

Logging method

ExePath

{path to file}

Path to the executable file of the component.

Default value: <opt_dir>/share/drweb-netcheck/linkchecker

For Linux, Solaris: /opt/drweb.com/bin/drweb-netcheck

For FreeBSD: /usr/local/libexec/drweb.com/bin/drweb-netcheck

FixedSocketPath

{path to file}

Path to the UNIX socket of the fixed Dr.Web Network Checker agent instance.

If this parameter is specified, the Dr.Web ConfigD configuration daemon checks that there is always a running component copy of the distributed scanning agent that is available to the clients via this socket.

Default value: (not specified)

RunAsUser

{UID | user name}

The parameter determines under which user name the component should be run. The user name can be specified either as the user’s number UID or as the user’s login. If the user name consists of numbers (i.e. similar to number UID), it is specified with the “name:” prefix, for example: RunAsUser = name:123456.

When a user name is not specified, the component operation terminates with an error after the startup.

Default value: drweb

IdleTimeLimit

{time interval}

Maximum time that the component can remain idle. If the specified value is exceeded, the component shuts down.

Minimum value—10s.

If the LoadBalanceAllowFrom or FixedSocketPath parameter is set, this setting is ignored (the component does not finish its operation after the time interval expires).

Default value: 30s

LoadBalanceUseSsl

{Boolean}

The indicator which determines whether a secure SSL/TLS connection is used for connection to other hosts.

Allowed values:

Yes—instructs to use SSL/TLS

No—instructs not to use SSL/TLS

If the parameter is set to Yes, a certificate and the corresponding private key should be specified for this host and for hosts with which it interacts (the parameters LoadBalanceSslCertificate and LoadBalanceSslKey).

Default value: No

LoadBalanceSslCertificate

{path to file}

Path to the SSL certificate used by Dr.Web Network Checker for communication with other hosts via a secure SSL/TLS connection.

Please note that the certificate file and the private key file (which is specified by a parameter described below) must form a matching pair.

Default value: (not specified)

LoadBalanceSslKey

{path to file}

Path to the private key used by Dr.Web Network Checker for communication with other hosts via a secure SSL/TLS connection.

Please note that the certificate file and the private key file (which is specified by the mentioned parameter) must form a matching pair.

Default value: (not specified)

LoadBalanceSslCa

{path}

The path to the directory or file that contains the list of root certificates that are trusted. Among these certificates, there must be a certificate that certifies the authenticity of the certificates used by agents within the scanning cluster when exchanging data over SSL/TLS protocols.

If the parameter value is empty, Dr.Web Network Checker working on this host does not authenticate certificates of interacting agents; however, depending on the settings, these agents can authenticate the certificate used by the agent operating on the host.

Default value: (not specified)

LoadBalanceServerSocket

{address}

Network socket (IP address and port) which is listened on this host by Dr.Web Network Checker for receiving files sent by remote hosts for scanning (if it can operate as a scanning server).

Default value: (not specified)

LoadBalanceAllowFrom

{IP address}

IP address of a remote network host from which the Dr.Web Network Checker can receive files for scanning (as a scanning server).

You can specify a list as the parameter value. The values in the list must be separated with commas (each value in the quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).

Example: Add to the list of host addresses 192.168.0.1 and 10.20.30.45.

1.Adding of values to the configuration file.

Two values in one string

Section [NetCheck]
LoadBalanceAllowFrom = "192.168.0.1", "10.20.30.45"

Two strings (one value per a string)

[NetCheck]
LoadBalanceAllowFrom = 192.168.0.1
LoadBalanceAllowFrom = 10.20.30.45

2.Adding values via the command drweb-ctl cfset.

# drweb-ctl cfset NetCheck.LoadBalanceAllowFrom -a 192.168.0.1
# drweb-ctl cfset NetCheck.LoadBalanceAllowFrom -a 10.20.30.45

If the parameter is empty, removed files cannot be received for scanning (the host does not operate as a scanning server).

Default value: (not specified)

LoadBalanceSourceAddress

{IP address}

IP address of a network interface used by Dr.Web Network Checker on the host for transferring files for their remote scanning (if the host operates as a scanning server and has several network interfaces).

If an empty value is specified, the network interface automatically selected by the OS kernel is used.

Default value: (not specified)

LoadBalanceTo

{address}

Socket (IP address or port) of a remote host to which Dr.Web Network Checker on the host can send files for their remote scanning (as a network scanning client).

You can specify a list as the parameter value. The values in the list must be separated with commas (each value in the quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).

Example: Add sockets 192.168.0.1:1234 and 10.20.30.45:5678 to the list.

1.Adding of values to the configuration file.

Two values in one string

[NetCheck]
LoadBalanceTo = "192.168.0.1:1234", "10.20.30.45:5678"

Two strings (one value per a string)

[NetCheck]
LoadBalanceTo = 192.168.0.1:1234
LoadBalanceTo = 10.20.30.45:5678

2.Adding values via the command drweb-ctl cfset.

# drweb-ctl cfset NetCheck.LoadBalanceTo -a 192.168.0.1:1234
# drweb-ctl cfset NetCheck.LoadBalanceTo -a 10.20.30.45:5678

If the parameter value is empty, local files cannot be transferred for a remote scanning (the host does not operate as a network scanning client).

Default value: (not specified)

LoadBalanceStatusInterval

{time interval}

Time interval considered by the host to send the next message containing information about its workload to all scanning clients (specified in the LoadBalanceAllowFrom parameter).

Default value: 1s

SpoolDir

{path to directory}

Local file system directory used to store files sent over the network for scanning and received by Dr.Web Network Checker.

Default value: /tmp/netcheck

LocalScanPreference

{fractional number}

Relative weight (priority) of this host which is considered when a scanning server is selected to scan a file (a local file or a file received over the network). If the relative weight of the local station is greater than the weights of all hosts available as scanning servers, files are scanned locally.

Minimum value—1.

Default value: 1