LogLevel
{logging level}
|
Logging level of the component.
If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.
Default value: Notice
|
Log
{log type}
|
Logging method of the component.
Default value: Auto
|
ExePath
{path to file}
|
Component executable path.
Default value: <opt_dir>/bin/drweb-netcheck.
•For GNU/Linux: /opt/drweb.com/bin/drweb-netcheck.
•For FreeBSD: /usr/local/libexec/drweb.com/bin/drweb-netcheck |
FixedSocket
{path to file | address}
|
Socket of the Dr.Web Network Checker agent fixed instance.
If this parameter is specified, the Dr.Web ConfigD configuration daemon checks that there is always a running component copy of the distributed scanning agent that is available to the clients via this socket.
Allowed values:
•<path to file>—path to a local UNIX socket;
•<address>—network socket as the <IP address>:<port> pair.
Default value: (not specified)
|
InternalOnly
{logical}
|
Managing the component operation mode.
If the value is set to Yes, the component is used for internal purposes of the Dr.Web for UNIX Mail Servers components only and it is not used for participating in a scanning cluster and for processing external (to Dr.Web for UNIX Mail Servers) client applications, regardless of the LoadBalance* settings and the specified value of the FixedSocket parameter.
Default value: No
|
RunAsUser
{UID | user name}
|
The parameter determines as which user the component runs. Either the numerical UID of the user or the user name (login) can be specified. If the user name consists of numbers (i.e. similar to a numerical UID), it must be specified with the “name:” prefix, for example: RunAsUser = name:123456.
When the user name is not specified, the component terminates with an error at startup.
Default value: drweb
|
IdleTimeLimit
{time interval}
|
Maximum idle time for the component. When the specified period of time expires, the component shuts down.
If the LoadBalanceAllowFrom or FixedSocket parameter is set, this setting is ignored (the component does not finish its operation after the time interval expires).
Allowed values: from 10 seconds (10s) to 30 days (30d) inclusive.
If the None value is set, the component will function indefinitely; the SIGTERM signal will not be sent if the component goes idle.
Default value: 10m
|
LoadBalanceUseSsl
{logical}
|
Use or do not use SSL/TLS for connecting to other hosts.
Allowed values:
•Yes—use SSL/TLS;
•No—do not use SSL/TLS.
If the parameter is set to Yes, a certificate and a private key must be specified for this host and for all hosts with which it interacts (the LoadBalanceSslCertificate and LoadBalanceSslKey parameters).
Default value: No
|
LoadBalanceSslCertificate
{path to file}
|
Path to the SSL certificate used by Dr.Web Network Checker on the current host for communication with other hosts via a secure SSL/TLS connection.
Note that the certificate file and the private key file (which is specified by a parameter described below) must match each other.
Default value: (not specified)
|
LoadBalanceSslKey
{path to file}
|
Path to the private key file used by Dr.Web Network Checker on the current host for communication with other hosts via a secure SSL/TLS connection.
Note that the certificate file and the private key file (which is specified by a parameter described above) must match each other.
Default value: (not specified)
|
LoadBalanceSslCa
{path}
|
The path to the directory or file with the list of trusted root certificates. Among these certificates, there must be a certificate that certifies the authenticity of the certificates used by agents within the scanning cluster when exchanging data via SSL/TLS protocols.
If the parameter value is empty, Dr.Web Network Checker working on this host does not authenticate certificates of interacting agents; however, depending on the settings, these agents can authenticate the certificate used by the agent operating on the host.
Default value: (not specified)
|
LoadBalanceSslCrl
{path}
|
Path to the directory or file with a list of revoked certificates.
If the parameter value is not specified, Dr.Web Network Checker running on the current host does not verify the certificates of interacting agents, but they may verify the relevance of the certificate used by the agent running on the current host, depending on the settings.
Default value: (not specified)
|
LoadBalanceServerSocket
{address}
|
Network socket (IP address and port) which is listened on the current host by Dr.Web Network Checker for receiving files sent by remote hosts for scanning (if it can operate as a network scanning server).
Default value: (not specified)
|
LoadBalanceAllowFrom
{IP address}
|
IP address of a remote network host from which the Dr.Web Network Checker operating on the current host can receive files for scanning (as a network scanning server).
Accepts a list of values. The values in the list must be comma-separated (with each value put in quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).
Example: Add host addresses 192.168.0.1 and 10.20.30.45 to the list.
1.Adding values to the configuration file.
•Two values per string:
[NetCheck]
LoadBalanceAllowFrom = "192.168.0.1", "10.20.30.45"
|
•Two strings (one value per string):
[NetCheck]
LoadBalanceAllowFrom = 192.168.0.1
LoadBalanceAllowFrom = 10.20.30.45
|
2.Adding values with the drweb-ctl cfset command:
# drweb-ctl cfset NetCheck.LoadBalanceAllowFrom -a 192.168.0.1
# drweb-ctl cfset NetCheck.LoadBalanceAllowFrom -a 10.20.30.45
|
If the parameter is empty, remote files are not accepted for scanning (the host does not operate as a scanning server).
Default value: (not specified)
|
LoadBalanceSourceAddress
{IP address}
|
IP address of a network interface used by Dr.Web Network Checker on the current host for transferring files for remote scanning (if the host operates as a network scanning client and has several network interfaces).
If an empty value is specified, the network interface is automatically selected by the OS kernel.
Default value: (not specified)
|
LoadBalanceTo
{address}
|
Socket (an IP address and a port) of a remote host to which Dr.Web Network Checker operating on the current host can send files for remote scanning (as a network scanning client).
Accepts a list of values. The values in the list must be comma-separated (with each value put in quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).
Example: Add sockets 192.168.0.1:1234 and 10.20.30.45:5678 to the list.
1.Adding values to the configuration file.
•Two values per string:
[NetCheck]
LoadBalanceTo = "192.168.0.1:1234", "10.20.30.45:5678"
|
•Two strings (one value per string):
[NetCheck]
LoadBalanceTo = 192.168.0.1:1234
LoadBalanceTo = 10.20.30.45:5678
|
2.Adding values with the drweb-ctl cfset command:
# drweb-ctl cfset NetCheck.LoadBalanceTo -a 192.168.0.1:1234
# drweb-ctl cfset NetCheck.LoadBalanceTo -a 10.20.30.45:5678
|
If the parameter value is empty, local files cannot be transferred for a remote scanning (the host does not operate as a network scanning client).
Default value: (not specified)
|
LoadBalanceStatusInterval
{time interval}
|
Time interval the current host waits to inform all distributed scanning agents specified in the LoadBalanceAllowFrom parameter about its workload.
Default value: 1s
|
SpoolDir
{path to directory}
|
Local file system directory used to store files received from clients by Dr.Web Network Checker over the network for scanning.
Default value: /tmp/netcheck
|
LocalScanPreference
{fractional number}
|
Relative weight (priority) of the host which is considered when a scanning server is selected to scan a file (a local file or a file received over the network). If the relative weight of the local host is greater than the total weight of all hosts available as scanning servers, files are scanned locally.
Minimal value: 1.
Default value: 1
|