Configuration Parameters

Top  Previous 

The component uses configuration parameters which are specified in the [NetCheck] section of the integrated configuration file of Dr.Web for UNIX.

The section contains the following parameters:

LogLevel = {logging level}

Logging level.

If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.

Default value:

LogLevel = Notice

Log = {log type}

Logging method.

Default value:

Log = Auto

ExePath = {path to file}

Path to the executable file of the component.

Default value:

ExePath = <opt_dir>/bin/drweb-netcheck

For Linux:

ExePath = /opt/drweb.com/bin/drweb-netcheck

For FreeBSD:

ExePath = /usr/local/libexec/drweb.com/bin/drweb-netcheck

For Solaris:

ExePath = /opt/drweb.com/bin/drweb-netcheck

FixedSocketPath = {path to file}

Path to the UNIX socket of the fixed Dr.Web Network Checkeragent instance.

If this parameter is specified, the configuration daemon Dr.Web ConfigD checks that an instance of the distributed scanning agent is running and is available to all clients via this socket.

Default value:

FixedSocketPath =

RunAsUser = {UID | user name}

The parameter determines under which user name the component should be run. The user name can be specified either as the user’s number UID or as the user’s login. If the user name consists of numbers (i.e. similar to number UID), it is specified with the “name:” prefix, for example: RunAsUser = name:123456.

When a user name is not specified, the component operation terminates with an error after the startup.

Default value:

RunAsUser = drweb

IdleTimeLimit = {time interval}

Maximum time that the component can remain idle. If the specified value is exceeded, the component shuts down.

Minimum value—10s.

If the LoadBalanceAllowFrom or FixedSocketPath parameter is set, this setting is ignored (the component does not finish its operation after the time interval expires).

Default value:

IdleTimeLimit = 30s

LoadBalanceUseSsl = {Boolean}

The indicator which determines whether a secure SSL/TLS connection is used for connection to other hosts.

Allowed values:

Yes—instructs to use SSL/TLS

No—instructs not to use SSL/TLS

If the parameter is set to Yes, a certificate and the corresponding private key should be specified for this host and for hosts with which it interacts (the parameters LoadBalanceSslCertificate and LoadBalanceSslKey).

Default value:

LoadBalanceUseSsl = No

LoadBalanceSslCertificate = {path to file}

Path to the SSL certificate used by the distributed scanning agent for communication with other hosts via a secure SSL/TLS connection.

Please note that the certificate file and the private key file (which is specified by a parameter described below) must form a matching pair.

Default value:

LoadBalanceSslCertificate =

LoadBalanceSslKey = {path to file}

Path to the private key used by the distributed scanning agent for communication with other hosts via a secure SSL/TLS connection.

Please note that the certificate file and the private key file (which is specified by the mentioned parameter) must form a matching pair.

Default value:

LoadBalanceSslKey =

LoadBalanceSslCa = {path}

Path to a directory or a file with the root certificate which contains a list of trusted root certificates. Among these certificates, there must be the one that validates the certificates used by the “scanning cluster” agents when exchanging data via SSL/TLS.

If the parameter value is empty, the agent working on this host does not authenticate certificates of interacting agents; however, depending on the settings, these agents can authenticate the certificate used by the agent operating on the host.

Default value:

LoadBalanceSslCa =

LoadBalanceServerSocket = {address}

Network socket (IP address and port) which is listened on this host by the distributed scanning agent for receiving files sent by remote hosts for scanning (if it can operate as a scanning server).

Default value:

LoadBalanceServerSocket =

LoadBalanceAllowFrom = {IP address}

IP address of a remote network host from which the distributed scanning agent can receive files for scanning (as a scanning server).

You can specify a list as the parameter value. The values in the list must be separated with commas. The parameter can be specified more than once in the section (in this case, all its values are combined into one list).

If the parameter is empty, removed files cannot be received for scanning (the host does not operate as a scanning server).

Default value:

LoadBalanceAllowFrom =

LoadBalanceSourceAddress = {IP address}

IP address of a network interface used by the distributed scanning agent on the host for transferring files for their remote scanning (if the host operates as a scanning server and has several network interfaces).

If an empty value is specified, the network interface automatically selected by the OS kernel is used.

Default value:

LoadBalanceSourceAddress =

LoadBalanceTo = {address}

Socket (IP address or port) of a remote host to which the distributed scanning agent on the host can send files for their remote scanning (as a network scanning client).

You can specify a list as the parameter value. The values in the list must be separated with commas. The parameter can be specified more than once in the section (in this case, all its values are combined into one list).

If the parameter value is empty, local files cannot be transferred for a remote scanning (the host does not operate as a network scanning client).

Default value:

LoadBalanceTo =

LoadBalanceStatusInterval = {time interval}

Time interval considered by the host to send the next message containing information about its workload to all scanning clients (specified in the LoadBalanceAllowFrom parameter).

Default value:

LoadBalanceStatusInterval = 1s

SpoolDir = {path to directory}

Local file system directory used to store files sent over the network for scanning and received by the distributed scanning agent.

Default value:

SpoolDir = /tmp/netcheck

LocalScanPreference = {fractional number}

Relative weight (priority) of this host which is considered when a scanning server is selected to scan a file (a local file or a file received over the network). If the relative weight of the local station is greater than the weights of all hosts available as scanning servers, files are scanned locally.

Minimum value—1.

Default value:

LocalScanPreference = 1