Configuration Parameters

The component uses configuration parameters specified in the [GateD] section of the unified configuration file of Dr.Web Gateway Security Suite.

The section contains the following parameters:

Parameter

Description

LogLevel

{logging level}

Logging level of the component.

If a parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.

Default value: Notice

Log

{log type}

Logging method of the component.

Default value: Auto

ExePath

{path to file}

Component executable path.

Default value:

for GNU/Linux: /opt/drweb.com/bin/drweb-gated

for FreeBSD: /usr/local/libexec/drweb.com/bin/drweb-gated

RunAsUser

{UID | user name}

User on behalf of whom the component is started. You can specify either a numerical user identifier (UID) or a user name (login). If the user name consists of numbers (that is, the name is similar to a numerical UID), specify it with the name: prefix, for example, RunAsUser = name:123456.

If the user name is invalid, the component shuts down with an error upon startup.

Default value: drweb

IdleTimeLimit

{time interval}

Maximum idle time for the component. When the specified period of time expires, the component shuts down.

Allowed values: from 10 seconds (10s) to 30 days (30d).
If the None value is set, the component will operate indefinitely; the SIGTERM signal will not be sent if the component goes idle.

Default value: 10m

TemplatesDir

{path to directory}

Path to a directory that contains the templates for the HTML notifications sent upon blocking a web resource.

Default value:

for GNU/Linux: /var/opt/drweb.com/templates/gated

for FreeBSD: /var/drweb.com/templates/gated

CaPath

{path}

Path to the directory or file with a list of trusted root certificates.

Default value: Path to the list of trusted certificates. The path depends on your GNU/Linux distribution.

For Astra Linux, Debian, Linux Mint, SUSE Linux and Ubuntu this is usually the path /etc/ssl/certs/.

For CentOS and Fedora—the path /etc/pki/tls/certs/ca-bundle.crt.

For other distributions, the path can be determined by running the openssl version -d command.

If the command is unavailable or your OS distribution cannot be identified, the /etc/ssl/certs/ value is used.

Changes made to the settings of the connection scanning do not influence the scanning of connections that have already been established by the applications before making changes.

Other parameters of traffic monitoring, as well as its rules, are defined in the settings of the Dr.Web Firewall for Linux service component.