G4. Dr.Web Proxy Server Configuration File

The drwcsd-proxy.conf configuration file of the Proxy Server is presented in the XML format and located in the following folder:

Windows OS: C:\ProgramData\Doctor Web\drwcs\etc

Linux OS: /var/opt/drwcs/etc

FreeBSD OS: /var/drwcs/etc

Description of Dr.Web Server configuration file parameters:

<listen spec="">

The <drwcsd-proxy /> root element contains one or several obligatory <listen /> elements which define basic settings of the Proxy Server for receiving connections.

The <listen /> element contains one obligatory attribute spec, attributes of which define an interface to "listen" incoming client connections and whether the discovery mode is enabled on this interface.

The spec element attributes:

Attribute

Obligatory

Allowed values

Description

Default

ip | unix

yes

Type of the protocol for receiving incoming connections. Address which the Proxy Server listens is set as an attribute.

0.0.0.0 | -

port

no

Port which the Proxy Server listens.

2193

discovery

no

yes, no

The mode of Server imitation. Allows detection of the Proxy Server as Dr.Web Server by the Network scanner.

yes

multicast

no

yes, no

Network "listening" mode for receiving multicast requests by the Proxy Server.

yes

multicast-group

no

Multicast group where the Proxy Server is located.

231.0.0.1

[ff18::231.0.0.1]

Depending on the protocol, the list of non-obligatory properties in the spec attribute may vary.

The list of non-obligatory properties, which can be set (+) or cannot be set (-) in the spec attribute, depending on the protocol:

Protocol

Attribute presence

port

discovery

multicast

multicast-group

ip

+

+

+

+

unix

+

-

-

-

info

The discovery mode must be enabled directly in any case even if the multicast mode is already enabled.

 

The forwarding algorithm for the list of Dr.Web Servers is given in the Administrator Manual.

<compression mode="" level="">

The <compression /> element is a child of the <listen /> element, it defines compression parameters for the client—Proxy Server channel.

Attributes description:

Attribute

Allowed values

Description

Default

mode

yes

Compression enabled.

possible

no

Compression disabled.

possible

Compression possible.

level

integer from 1 to 9

Compression level. Only for the client—Proxy Server channel.

8

<encryption mode="">

The <encryption /> element is a child of the <listen /> element, it defines encryption parameters for the client—Proxy Server channel.

Attributes description:

Attribute

Allowed values

Description

Default

mode

yes

Encryption enabled.

possible

no

Encryption disabled.

possible

Encryption possible.

<forward to="" master="">

Specifies the settings to redirect the incoming connections. The <forward /> element is obligatory. Several <forward /> elements can be set with the different attribute values.

Attributes description:

Attribute

Allowed values

Description

Obligatory

to

An address is specified according to the The Specification of Network Addresses, particularly, in the following format: tcp/<DNS_name>:<port>.

Addresses of Dr.Web Server where to redirect the connection.

yes

master

yes—the Server is unconditional managing.

no—the Server is not managing under any conditions.

possible—the Server will be managing only if there are no explicit managing Servers (with the yes value for the master attribute).

The attribute defines if the Proxy Server settings can be remotely edited via the Control Center of Dr.Web Server specified in the to attribute.

You can assign managing to any number of Servers (set the master="yes"); Proxy Server connects to all the managing Servers by their order in the settings until it gets the first valid (not empty) configuration.

Also, you can assign none of the Servers managing (set the master="no"). In this case, the Proxy Server parameters (including the assignment of managing Servers) can be configured only locally via the Proxy Server configuration file.

no

info

If the master attribute is absent for the Server, default is the same as master="possible".

In the configuration file created by the installer during the Proxy Server installation, the master attribute is not defined for any of the Servers.

<compression mode="" level="">

If the <compression /> element is a child of the <forward /> element, it defines compression parameters for the Server—Proxy Server channel. Attributes are the same as described above.

<encryption mode="">

If the <encryption /> element is a child of the <forward /> element, it defines encryption parameters for the Server—Proxy Server channel. Attributes are the same as described above.

<update-bandwidth value="" queue-size="">

The <update-bandwidth /> element allows to specify the speed limitation on updates transferring from the Server to clients and the number of clients that downloading updates at the same time.

Attributes description:

Attribute

Allowed values

Description

Default

value

KB/sec.

unlimited

Maximum summary speed of updates transferring.

unlimited

queue-size

positive integer

unlimited

Maximum allowable number of updates distribution sessions running at the same time from the Server. When the limit is reached, the Agent requests are placed into the waiting queue. The waiting queue size is unlimited.

unlimited

<bandwidth value="" time-map="" />

The <update-bandwidth /> element may have one or several <bandwidth /> child elements. This element allows to specify speed limitation of data transferring for the specified time period.

Attributes description:

Attribute

Allowed values

Description

Default

value

KB/sec.

unlimited

Maximum summary speed of data transferring for the Agent updates.

unlimited

time-map

The mask that specifies the time period to apply limitations.

info

The value of the time-map parameter is defined same as the schedule of traffic updates in the Server settings. The time-map manual generating is not currently supported.

<install-bandwidth value="" queue-size="">

The <install-bandwidth> element allows to specify the speed limitation on data transferring during Agents installation and number of clients that downloading data for installation at the same time.

Attributes description:

Attribute

Allowed values

Description

Default

value

KB/sec.

unlimited

Maximum summary speed of data transferring during the Agents installation.

unlimited

queue-size

positive integer

unlimited

Maximum allowable number of the Agent installation sessions running at the same time from the Server. When the limit is reached, the Agent requests are placed into the waiting queue. The waiting queue size is unlimited.

unlimited

<bandwidth value="" time-map="">

The <install-bandwidth> element may have one or several <bandwidth /> child elements. This element allows to specify speed limitation of data transferring for the specified time period.

Attributes description:

Attribute

Allowed values

Description

Default

value

KB/sec.

unlimited

Maximum summary speed of data transferring for the Agent installation.

unlimited

time-map

The mask that specifies the time period to apply limitations.

info

The value of the time-map parameter is defined same as the schedule of traffic updates in the Server settings. The time-map manual generating is not currently supported.

<cache enabled="">

Configure the settings of Proxy Server repository cache.

Attributes description:

Attribute

Allowed values

Description

Default

enabled

yes | no

Defines if the caching is enabled.

yes

The <cache> element contains the following child elements:

Element

Allowed values

Description

Default

<clean-interval value="">

positive integer

Number of stored revisions.

3

<unload-interval value="">

positive integer

Time slot between purging of old revisions in minutes.

60

<repo-check mode="">

positive integer

Time slot between unloads of unused files from the memory in minutes.

10

<repo-check />

idle | sync

Check of cache integrity either at start (may take time) or in background.

idle

<synchronize enabled="" schedule="">

Settings for synchronization of Proxy Server and Dr.Web Server repositories.

Attributes description:

Attribute

Allowed values

Description

Default

enabled

yes | no

Defines if the repository synchronization is enabled.

yes

schedule

Schedule for synchronization of the specified products.

info

The value of the schedule parameter is defined same as the schedule of synchronization in the Control Center settings. The schedule manual generating is not currently supported.

The <product name="" /> child elements give the list of products for the synchronization:

10-drwbases—virus databases,

10-drwgatedb—SpIDer Gate bases,

10-drwspamdb—Anti-spam bases,

10-drwupgrade—Dr.Web Updater,

15-drwappcntrl—Trusted applications of the Application Control component,

15-drwhashdb—Known hashes of threats,

20-drwagent—Dr.Web Agent for Windows,

20-drwandroid11—Dr.Web Agent for Android,

20-drwunix—Dr.Web Agent for UNIX,

40-drwproxy—Dr.Web Proxy Server,

70-drwextra—Dr.Web enterprise products,

70-drwutils—Dr.Web administrative utilities.

<events enabled="" schedule="">

Settings for caching the events received from the Agents.

Attributes description:

Attribute

Allowed values

Description

Default

enabled

yes | no

Defines if the caching is enabled.

If enabled, the events are sent to the Server according to the timetable. If the caching is disabled, events will be sent to the Server immediately after receiving by the Proxy Server.

yes

schedule

Timetable according to which the events from the Agents will be transmitted.

info

The value of the schedule parameter is defined same as the schedule of events sending in the Control Center settings. The schedule manual generating is not currently supported.

<update enabled="" schedule="">

Settings for the automatic update of the Proxy Server.

For the automatic update, if the synchronization is enabled, the Proxy Server updates are downloaded from the Server according to the synchronization timetable (see above) and are installed according to the update timetable (by default, with no time limitations). If the synchronization is disabled, when updates are downloaded and installed by update timetable (by default, with no time limitations).

Attributes description:

Attribute

Allowed values

Description

Default

enabled

yes | no

Defines if the automatic update is enabled.

yes

schedule

Timetable according to which the updates will be downloaded (if synchronization is not set) and installed.

info

The schedule manual generating is not currently supported. By default, the automatic update is allowed with no time limitations.

<core-dump enabled="" maximum="">

The collecting mode and number of memory dumps in case of SEH exception occurs.

warning

Memory dumps setup is available for Windows OS only.

 

To collect memory dump, OS must contain the dbghelp.dll library.

Dump is written to the following folder: %All Users\Application Data%\Doctor Web\drwcsd-proxy-dump\

Attributes description:

Attribute

Allowed values

Description

Default

enabled

yes | no

Defines if dumps collecting is enabled.

yes

maximum

positive integer

Maximal dumps number. The oldest are deleted.

10

<dns>

DNS settings.

<timeout value="">

Timeout in seconds for resolving DNS direct/reverse queries. Leave the value blank to disable restriction on wait time until the end of the resolution

<retry value='"">

Maximum number of repeated DNS queries on fail while resolving the DNS query.

<cache enabled="" negative-ttl="" positive-ttl="">

Time for storing responses from DNS server in the cache.

Attributes description:

Attribute

Allowed values

Description

enabled

yes—store responses in the cache,

no—do not store responses in the cache.

Mode of storing responses in the cache.

negative-ttl

Storage time in the cache (TTL) of negative responses from the DNS server in minutes.

positive-ttl

Storage time in the cache (TTL) of positive responses from the DNS server in minutes.

<servers>

List of DNS servers, which replaces default system list. Contains one or several <server address=""> child elements, the address parameter of which defines IP address of the server.

<domains>

List of DNS domains, which replaces default system list. Contains one or several <domain name=""> child elements, the name parameter of which defines the domain name.