Configuration Parameters

The component uses configuration parameters specified in the [GateD] section of the unified configuration file of Dr.Web for UNIX Mail Servers.

The section contains the following parameters:

Parameter

Description

LogLevel

{logging level}

Logging level of the component.

If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.

Default value: Notice

Log

{log type}

Logging method of the component.

Default value: Auto

ExePath

{path to file}

Component executable path.

Default value: <opt_dir>/bin/drweb-gated.

For GNU/Linux: /opt/drweb.com/bin/drweb-gated.

For FreeBSD: /usr/local/libexec/drweb.com/bin/drweb-gated

RunAsUser

{UID | user name}

The parameter determines as which user the component runs. Either the numerical UID of the user or the user name (login) can be specified. If the user name consists of numbers (i.e. similar to a numerical UID), it must be specified with the “name:” prefix, for example: RunAsUser = name:123456.

When a user name is not specified, the component terminates with an error at startup.

Default value: drweb

IdleTimeLimit

{time interval}

Maximum idle time for the component. When the specified period of time expires, the component shuts down.

Acceptable values: from 10 seconds (10s) to 30 days (30d) inclusive.
If the None value is set, the component will function indefinitely; the SIGTERM signal will not be sent if the component goes idle.

Default value: 10m

TemplatesDir

{path to directory}

Path to the directory that contains the templates for the HTML notifications sent upon blocking a web resource.

Default value: <var_dir>/templates/gated.

For GNU/Linux: /var/opt/drweb.com/templates/gated.

For FreeBSD: /var/drweb.com/templates/gated

CaPath

{path}

Path to the directory or file with a list of trusted root certificates.

Default value: Path to the list of trusted certificates. The path depends on your GNU/Linux distribution.

For Astra Linux, Debian, Linux Mint, SUSE Linux and Ubuntu this is usually the path /etc/ssl/certs/.

For CentOS and Fedora—/etc/pki/tls/certs/ca-bundle.crt.

The path can be defined for other distributions by running the openssl version -d command.

If the command is unavailable or the OS distribution could not be identified, the /etc/ssl/certs/ value is used.

Changes made to the settings of the connection scanning do not influence the scanning of connections that have already been established by the applications before making changes.

Specify more particular parameters of traffic monitoring in the settings of the Dr.Web Firewall for Linux auxiliary component.