LogLevel
{logging level}
|
Logging level of the component.
If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.
Default value: Notice
|
Log
{log type}
|
Logging method of the component.
Default value: Auto
|
ExePath
{path to file}
|
Executable path to the component.
Default value: <opt_dir>/bin/drweb-netcheck.
•For GNU/Linux: /opt/drweb.com/bin/drweb-netcheck.
•For FreeBSD: /usr/local/libexec/drweb.com/bin/drweb-netcheck |
FixedSocket
{path to file | address}
|
Socket of the fixed Dr.Web Network Checker agent instance.
If this parameter is specified, the Dr.Web ConfigD configuration daemon checks that there is always a running component copy of the distributed scanning agent that is available to the clients via this socket.
Allowed values:
•<path to file> is a path to a local UNIX socket;
•<address> is a network socket as a pair <IP address>:<port>.
Default value: (not set)
|
InternalOnly
{Boolean}
|
Managing the operation mode of the component.
If the value is set to Yes, the component is used for internal purposes of the Dr.Web for UNIX Mail Servers components only and it is not used for including Dr.Web for UNIX Mail Servers to the scanning cluster and for processing external (to the Dr.Web for UNIX Mail Servers) client applications, regardless of the LoadBalance* settings and the value of the FixedSocket parameter.
Default value: No
|
RunAsUser
{UID | user name}
|
The name of the user on whose behalf the component is run. The user name can be specified either as the user’s number UID or as the user’s login. If the user name consists of numbers (i.e. similar to number UID), it is specified with the “name:” prefix, for example: RunAsUser = name:123456.
When a user name is not specified, the component operation terminates with an error after the startup.
Default value: drweb
|
IdleTimeLimit
{time interval}
|
Maximum idle time for the component. If the specified value is exceeded, the component shuts down.
If the LoadBalanceAllowFrom or FixedSocket parameter is set, this setting is ignored (the component does not finish its operation after the time interval expires).
Acceptable values: from 10 seconds (10s) to 30 days (30d) inclusive.
If the None value is set, the component will functionate eternally; the SIGTERM signal will not be sent if the components goes idle.
Default value: 30s
|
LoadBalanceUseSsl
{Boolean}
|
Use SSL/TLC for connecting to other hosts.
Allowed values:
•Yes—use SSL/TLS;
•No—do not use SSL/TLS.
If the parameter is set to Yes, a certificate and the corresponding private key should be specified for this host and for hosts with which it interacts (the parameters LoadBalanceSslCertificate and LoadBalanceSslKey).
Default value: No
|
LoadBalanceSslCertificate
{path to file}
|
Path to the SSL certificate used by Dr.Web Network Checker for communication with other hosts via a secure SSL/TLS connection.
Please note that the certificate file and the private key file (which is specified by a parameter described below) must form a matching pair.
Default value: (not set)
|
LoadBalanceSslKey
{path to file}
|
Path to the private key used by Dr.Web Network Checker for communication with other hosts via a secure SSL/TLS connection.
Please note that the certificate file and the private key file (which is specified by the mentioned parameter) must form a matching pair.
Default value: (not set)
|
LoadBalanceSslCa
{path}
|
The path to the directory or file with the list of trusted root certificates. Among these certificates, there must be a certificate that certifies the authenticity of the certificates used by agents within the scanning cluster when exchanging data over SSL/TLS protocols.
If the parameter value is empty, Dr.Web Network Checker working on this host does not authenticate certificates of interacting agents; however, depending on the settings, these agents can authenticate the certificate used by the agent operating on the host.
Default value: (not set)
|
LoadBalanceSslCrl
{path}
|
Path to the directory or file with system list of revoked certificates.
If the parameter value is not specified, Dr.Web Network Checker running on this host does not check the certificates of the interacting agents for validity, but they may check the validity of the certificate used by the agent running on this host, depending on the settings.
Default value: (not set)
|
LoadBalanceServerSocket
{address}
|
Network socket (IP address and port) which is listened on this host by Dr.Web Network Checker for receiving files sent by remote hosts for scanning (if it can operate as a scanning server).
Default value: (not set)
|
LoadBalanceAllowFrom
{IP address}
|
IP address of a remote network host from which the Dr.Web Network Checker receives files for scanning (as a scanning server).s
You can specify a list as the parameter value. The values in the list must be separated with commas (each value in the quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).
Example: Add to the list of host addresses 192.168.0.1 and 10.20.30.45.
1.Adding of values to the configuration file.
•Two values in a line:
[NetCheck]
LoadBalanceAllowFrom = "192.168.0.1", "10.20.30.45"
|
•Two lines (a value per line):
[NetCheck]
LoadBalanceAllowFrom = 192.168.0.1
LoadBalanceAllowFrom = 10.20.30.45
|
2.Adding values via the drweb-ctl cfset command:
# drweb-ctl cfset NetCheck.LoadBalanceAllowFrom -a 192.168.0.1
# drweb-ctl cfset NetCheck.LoadBalanceAllowFrom -a 10.20.30.45
|
If the parameter is empty, removed files cannot be received for scanning (the host does not operate as a scanning server).
Default value: (not set)
|
LoadBalanceSourceAddress
{IP address}
|
IP address of a network interface used by Dr.Web Network Checker on the host for transferring files for their remote scanning (if the host operates as a scanning server and has several network interfaces).
If an empty value is specified, the network interface automatically selected by the OS kernel is used.
Default value: (not set)
|
LoadBalanceTo
{address}
|
Socket (IP address or port) of a remote host to which Dr.Web Network Checker on the host can send files for their remote scanning (as a network scanning client).
You can specify a list as the parameter value. The values in the list must be separated with commas (each value in the quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).
Example: Add sockets 192.168.0.1:1234 and 10.20.30.45:5678 to the list.
1.Adding of values to the configuration file.
•Two values in one string:
[NetCheck]
LoadBalanceTo = "192.168.0.1:1234", "10.20.30.45:5678"
|
•Two strings (one value per a string):
[NetCheck]
LoadBalanceTo = 192.168.0.1:1234
LoadBalanceTo = 10.20.30.45:5678
|
2.Adding values with the drweb-ctl cfset command:
# drweb-ctl cfset NetCheck.LoadBalanceTo -a 192.168.0.1:1234
# drweb-ctl cfset NetCheck.LoadBalanceTo -a 10.20.30.45:5678
|
If the parameter value is empty, local files cannot be transferred for a remote scanning (the host does not operate as a network scanning client).
Default value: (not set)
|
LoadBalanceStatusInterval
{time interval}
|
Time interval considered by the host to send the next message containing information about its workload to all scanning clients (specified in the LoadBalanceAllowFrom parameter).
Default value: 1s
|
SpoolDir
{path to directory}
|
Local file system directory used to store files sent over the network for scanning and received by Dr.Web Network Checker.
Default value: /tmp/netcheck
|
LocalScanPreference
{fractional number}
|
Relative weight (priority) of the host which is considered when a scanning server is selected to scan a file (a local file or a file received over the network). If the relative weight of the local station is greater than the weights of all hosts available as scanning servers, files are scanned locally.
Minimum value: 1.
Default value: 1
|