Core ghoule
Junior Member | Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору ; ; Dr.Web (R) Configuration file ; $Revision: 1.35 $ ; ;--------------------------------------------------------------- [Daemon] ; ======================= ; = Engine settings = ; ======================= ;EnginePath = { path to the file, usual extension is dll } ; Location of drweb32.dll module (search module). This parameter is ; also used by the updating module to update the search module. You ; may specify a relative path, but it is strongly recommended to make ; it absolute. EnginePath = "/opt/drweb/lib/drweb32.dll" ;VirusBase = { list of paths (masks) to the files, usual extension is vdb } ; Masks for the loaded virus bases. This parameter is also used by ; the updating module to update antivirus' bases. Several masks can be ; enumerated. VirusBase = "/var/drweb/bases/*.vdb", "/var/drweb/bases/*.VDB" ;UpdatePath = { path } ; This parameter is used by the update script. This is a place for files ; (except for drweb32.dll and bases) has been downloaded by update script. UpdatePath = "/var/drweb/updates" ;TempPath = { path } ; This path is used by the antivirus engine for creating temporary files. ; /tmp would be used if TempPath is not defined. ; Normally, the daemon attempts to avoid using TempPath. TempPath = "/var/drweb/spool" ;LngFileName = { path to the language resource file, usual extension - dwl } ; Localization file location. ;LngFileName = "/opt/drweb/lib/ru_daemon.dwl" ;Key = {path to a file, usual extension is key } ; Location of the file with the registration key. You may specify ; relative path, but it is strongly recommended to make it ; absolute. Key = "/opt/drweb/drweb32.key" ;MailAddressesList = {path to a file} ; This file is used only if you have bought e-mail license for ; 15 and 30 addresses. ; Location of file with list of licensed email addresses. ; Format of file: one address per line. Address can be in local ; or local@fqdn form. See default email.ini for examples. MailAddressesList = "/etc/drweb/email.ini" ; ======================== ; = Running settings = ; ======================== ;OutputMode = { Terminal | Quiet } ; Output startup information on the console, Quiet cancels output. OutputMode = Terminal ;RunForeground = { Yes | No } ; Disable(Yes)/Enable(No) daemon mode (chdir to / and fork). RunForeground = No ;User = { user name } ; The user whose rights the daemon is run under. It is recommended to ; create in the system a special drweb user which will be used by the ; daemon and some filters in future. It is undesirable to use DrWeb ; Daemon with root rights although it requires much less setting ; (particularly in case of Samba servers). ; WARNING: User value cannot be changed during SIGHUP ; handling (reload configuration on the fly). User = drweb ;UserID = { numeric ID } ;GroupID = { numeric ID } ; Group and user ID. Daemon will work with their rights. The ; parameters get ignored if the User parameter is set. ; WARNING: These values cannot be changed during SIGHUP ; handling (reload configuration on the fly). ; Default value: absent ;PidFile = { path to file } ; File name where information about daemon's PID and Unix socket (if ; SocketMode is Unix) or port number (if SocketMode is TCP) will be ; written when the daemon starts. ; Default value: ; "/var/drweb/run/drwebd.pid" PidFile = "/var/drweb/run/drwebd.pid" ;BusyFile = { path to file } ; Daemon's busy file name: it is created by the scanning "copy" of ; the daemon if so commanded and is removed after ; transmitting the result of its execution. File name created by ; every "copy" of the daemon is appended with a point and ASCIIZ ; representation of daemon's PID (e.g., /var/run/drwebd.bsy.123456). ; Default value: absent (file does not get created) BusyFile = "/var/drweb/run/drwebd.bsy" ;MaxChildren = "value" ; Sets maximum amount of simultaneously working child (scanning) ; processes. If Prefork parameter is set to "No" (see below), ; then new scan process is created for each query. If Prefork is ; set to "Yes" then the daemon will start number of scan processes, ; equal to MaxChildren. Recommended value - from 4 up to ; 16 processes per CPU. MaxChildren = 16 ;PreFork = { Yes | No } ; Sets mode of child (scan) processes' creation procedure. ; PreFork mode is faster but consumes more memory because ; scanning processes are always present in memory. ; If you change this parameter, you must unload and load ; the Dr.Web daemon again. ; WARNING: PreFork value can not be changed during SIGHUP ; handling (reload configuration on the fly). PreFork = Yes ;MailCommand = { command } ; This command will be used for admins notification by ; the daemon and the updater. MailCommand = "/usr/sbin/sendmail -i -bm -f drweb -- root" ; ========================= ; = Scanning settings = ; ========================= ;FileTimeout = { value, seconds } ; Maximum checking time of an object in single session. FileTimeout = 30 ;StopOnFirstInfected = { Yes | No } ; Cancel or not a message checking after first virus is detected. ; Setting to {Yes} value can minimize mail-server load and ; message check time. StopOnFirstInfected = No ;ScanPriority = { value } ; Priority of the scanning process. This value should be in the range ; -20 (highest) to 19 (lowest). ;ScanPriority = 0 ;FilesTypes = { extension list } ; Types of files that will be checked if the "by type" scanning is ; performed, i.e. the "ScanFiles" parameter has "ByType" value. "*" and "?" ; characters admissible. ;FilesTypes = EXE,COM,SYS,OV?,BAT,BIN,DRV,PRG,BOO,SCR,CMD,VXD,386,DLL,FON,DO? ;FilesTypes = XL?,WIZ,RTF,CL*,HT*,VB*,JS*,INF,AR?,ZIP,R??,PP?,OBJ,LIB,HLP,MD? ;FilesTypes = INI,MBR,IMG,CSC,CPL,MBP,SHS,SHB,PIF,SO,CHM,REG,XML,PRC,ASP,LSP ;FilesTypes = MSO,OBD,THE*,NWS,SWF,BMP,MPP,OCX,DVB,CPY,MSG,EML ;ScanFiles = { All | ByType | ByFormat } ; The files to be checked after the extraction from an archive. ; If ByType is set the so-called file extensions are ; taken into account (file extension is the last suffix after "." in ; the file name; if there is no ".", a file has no extension). The file ; extension values are set either by default, or in the FilesTypes ; parameters. If ByFormat is set, only the files included into the ; checkable set are checked. The aim of the check is to find out ; whether they can be virus carriers, i.e. executable files (file ; name and extension are not taken into account). And only then only ; presumably executable files will be scanned for viruses. Important ; note: the All mode is always enabled in the mail files. ByType and ; ByFormat values can be applied only in "local" scanning mode. ScanFiles = All ;CheckPackedFiles = { Yes | No } ; Whether or not unpacking executable files packed by DIET, PKLITE ; etc. utilities be performed. CheckPackedFiles = Yes ;CheckArchives = { Yes | No } ; Whether or not unpacking of archives of ZIP (WinZip, InfoZIP...), RAR, ; ARJ, TAR, GZIP and CAB formats be performed. CheckArchives = Yes ;CheckEMailFiles = { Yes | No } ; Whether or not files in e-mail formats get scanned. CheckEMailFiles = Yes ;ExcludePaths = { list of the paths (mask) to the files } ; Masks for files that should not be checked by the daemon. ExcludePaths = ;FollowLinks = { Yes | No } ; Whether or not symbolic links should be followed when scanning. FollowLinks = No ;RenameFilesTo = { mask } ; A special mask for renaming files using file extension. ; If a file has no extension, then the mask will be ; added to file. Symbol "?" in mask is replaced by original ; symbol of a file extension in same position. ; This feature is used only by Dr.Web VFS for Samba. ; Examples: ; Let RenameFilesTo = #?? ; 1) An original name of an infected file was: eicar.com ; then renamed filename would be: eicar.#om ; 2) An original name of an infected file was: this_a_virus ; then renamed filename would be: this_a_virus.# RenameFilesTo = #?? ;MoveFilesTo = { path } ; Path to quarantine directory. ; This feature is used only by Dr.Web VFS for Samba. MoveFilesTo = "/var/drweb/infected" ;BackupFilesTo = { path } ; Path to directory is used for backup infected files ; if curing has been requested. No backup copies will ; be created, if parameter was not been defined. ;BackupFilesTo = "/var/drweb/infected" ; ==================== ; = Log settings = ; ==================== ;LogFileName = { file name } ; Log file name. You may specify "syslog" as name, the report will be ; logged by means of syslogd system service. Using syslog, pay ; attention to SyslogFacility and SyslogPriority options. Since ; syslog has a few files to log different events and different degrees ; of their importance, you can find out where the daemon's report will ; be written to, basing on these two parameters and the contents of ; the configuration file syslog (usually /etc/syslogd.conf). ;LogFileName = "syslog" ;SyslogFacility = "Daemon" ;SyslogPriority = "Info" LogFileName = "/var/drweb/log/drwebd.log" ;LimitLog = { Yes | No } ; Enable/Disable limit for log file size. Parameter ; is used only if LogFileName is not "syslog" ; See alse MaxLogSize for limit. LimitLog = No ;MaxLogSize = { filesize in Kb } ; This parameter defines maximum size of logfile and is ; used only if LimitLog = Yes. MaxLogSize = 512 ;LogScanned = { Yes | No } ; Whether or not the information on all the checked objects independently ; infected or not get logged in the log file. LogScanned = Yes ;LogInfected = { Yes | No } ; Whether or not the information on infected objects get logged in the log file. LogInfected = Yes ;LogPacked = { Yes | No } ; Whether or not the additional information on the files packed by the DIET, ; PKLITE etc. utilities get logged in the log file. LogPacked = Yes ;LogArchived = { Yes | No } ; Whether or not the additional information on the archiving programs (like ; RAR, ZIP, TAR etc) get logged in the log file. LogArchived = Yes ;LogTime = { Yes | No } ; Whether or not the time of every record get logged. LogTime = Yes ;LogProcessInfo = { Yes | No } ; Whether or not prepend each every logged record with scanning process pid ; and client address (hostname or IP). LogProcessInfo = Yes ;RecodeNonprintable = { Yes | No } ; Mode of output of unvisible for this terminal symbols into the logfile. RecodeNonprintable = Yes ;RecodeMode = { Replace | QuotedPrintable } ; Method of recoding of unvisible symbols, if RecodeNonprintable equal to ; "Yes". Unvisible symbols would been replaced by RecodeChar (see below), ; if this option has "Replace" value. RecodeMode = QuotedPrintable ;RecodeChar = { "?" | "_" | ... } ; Defines a symbol that would been placed instead of unvisible symbols, ; if RecodeMode option has "Replace" value. RecodeChar = "?" ; ============================== ; = Communication settings = ; ============================== ;Socket = port [Interfaces] ;Socket = file [Access] ; Description of socket, used for communication with daemon. ; The first form describes TCP-socket, parameter {port} - decimal ; port number, {interfaces} - list of listening interface names or ; IP-addresses. ; Example: ; Socket 3000 127.0.0.1 ; The second form describes unix-socket, {file} - socket name, ; {access} - octal value of access rights. ; Example: ; Socket /var/drweb/run/.daemon ; Number of socket keys is not limited, daemon will work with all ; correctly described sockets. ; Example: ; drweb32.ini: ; Socket 3000 localhost, 10.0.0.1 ; Socket /var/drweb/run/.daemon ; {filter}.conf: ; Address = local:/var/drweb/run/.daemon, inet:3000@localhost, inet:3000@10.0.0.1 Socket = /var/drweb/run/.daemon Socket = 3000 127.0.0.1 ;SocketTimeout = { value, seconds } ; Time of reception/transmission of all the data via the socket ; (without considering file scanning time). SocketTimeout = 10 ;ListeningQueue = "value" ; Defines sockets queue maximum size. Value may vary from 0 to ; SOMAXCONN (depends on the OS). ListeningQueue = 128 ; ================================= ; = Archive scanning settings = ; = Protection from DoS attacks = ; ================================= ;MaxCompressionRatio = { value } ; Maximum compression ratio, i.e. ratio of the unpacked file length ; to the length of the packed file in the archive. If the ratio ; exceeds the value, the file will not be extracted and therefore ; will not be checked. Note: a message with such a file will be ; treated as "mail bomb" ; NOTE: See also ArchiveRestriction action in filters configurations. MaxCompressionRatio = 500 ;CompressionCheckThreshold = { value in Kb } ; Maximum file size inside archive, beginning from which the ; maximum compression ratio will be checked (if enabled by ; MaxCompressionRatio switch). CompressionCheckThreshold = 1024 ;MaxFileSizeToExtract = { value in Kb } ; The maximum size of the file extracted from an archive. If the file ; in the archive exceeds the value it will be skipped. A message with ; such a file will be treated as "mail bomb". ; NOTE: See also ArchiveRestriction action in filters configurations. MaxFileSizeToExtract = 40960 ;MaxArchiveLevel = { value } ; The maximum archive recursion (archive in archive in archive etc). ; A message with such a file will be treated as "mail bomb". ; NOTE: See also ArchiveRestriction action in filters configurations. MaxArchiveLevel = 8 ; ============================================ ; = Rule-based filter for E-mail headers = ; ============================================ ; Dr.Web Daemon has embedded capacities of e-mail ; filtering based on the system of e-mail messages header analysis. The ; regulations of filtration are also set in drweb32.ini, they get checked ; when being set, i.e. the first set rule will be checked first. The fact of ; setting filter regulations does not mean they will be automatically ; applied. To enable header analysis you should set the corresponding options ; in the delivered filters or specify special flags if making home decisions ; on the base of Dr.Web Daemon. Regulation correspondence is searched until ; the first suitable regulation is found and the action set by the regulation ; is taken. ;ScanEncodedHeaders { Yes | No } ; Process or not message headers before decoding. For example, ; value Yes and rule <RejectCondition Subject = "iso-8859-5"> allows ; to filter all messages with Subject field in iso-8859-5 encoding. ; Note: The headers would been processed twice (before decoding ; and after) if value Yes. ;ScanEncodedHeaders = No ;RejectCondition { Set of rules }, AcceptCondition { Set of rules } ; Description of filter rules on message headers. Rules consist of ; header name and regular expression, describing meaning of this field. ; More then one rule can be merged with () and OR and AND operations. ; Special filtering rules include conditions 'No "Header"' (means absence ; of this field, e.g. according to the rule 'RejectCondition No "From"' ; all messages without field From will be filtered), 'Header="8bit"' ; (field contains 8-bit symbols). Regexp values and header names ; should be put in quotes. ;RejectCondition Subject = "money" OR ( Content-Type = "text/html" AND Subject = "8bit" ) ;AcceptCondition Subject != "money" ;MissingHeader { field list } ; Describes list of header fields, absence of which in the message ; will filter this message. ;MissingHeader "To", "From" ;FilterParts = { Yes | No } ; Allows using RejectPartCondition and AcceptPartCondition, when ; set to "Yes". ;FilterParts = No ;RejectPartCondition { ruleset }, AcceptPartCondition { ruleset } ; Parameters that work similarly to RejectCondition and ; AcceptCondition, but for use with particular message parts. ; Ruleset can be defined as FileName = "mask", where "mask" is ; POSIX 1003.2 compatible regular expression. This parameter works ; only if FilterParts is set to "Yes". ;RejectPartCondition FileName = "\.exe$" ;--------------------------------------------------------------- [Scanner] ; ======================= ; = Engine settings = ; ======================= ;EnginePath = { path to the file, usual extension is dll } ; Location of drweb32.dll module (search module). This parameter is ; also used by the updating module to update the search module. You ; may specify relational path, but it is strongly recommended to make ; it absolute. EnginePath = "/opt/drweb/lib/drweb32.dll" ;VirusBase = { list of the paths (masks) to the files, usual extension is vdb } ; Masks for the loaded virus bases. This parameter is also used by ; the updating module to update antivirus bases. A few masks can be ; enumerated. VirusBase = "/var/drweb/bases/*.vdb", "/var/drweb/bases/*.VDB" ;UpdatePath = { path } ; This parameter is used by update script. This is a place for files ; (except drweb32.dll and bases) has been downloaded by update script. UpdatePath = "/var/drweb/updates" ;TempPath = { path } ; This path is used by antivirus engine for creating temporary files. ; /tmp would been used if TempPath is not defined. ; Normally, the scanner attempts to avoid using of TempPath. TempPath = "/tmp" ;LngFileName = { path to the language resource file, usual extension - dwl } ; Localization file location. ;LngFileName = "/opt/drweb/lib/ru_scanner.dwl" ;Key = {path to the file, usual extension is key } ; Location of the file with the registration key. You may specify ; relational path, but it is strongly recommended to make it ; absolute. Key = "/opt/drweb/drweb32.key" ; ======================== ; = Running settings = ; ======================== ;OutputMode = { Terminal | Quiet } ; Mode of output startup information on the console, Quiet cancels ; output. OutputMode = Terminal ; ========================= ; = Scanning settings = ; ========================= ;HeuristicAnalysis = { Yes | No } ; Permits DrWeb to use heuristic analysis, with the ; help of which the unknown viruses can be detected judging by the ; comprehension of the structure of virus code. The distinctive ; feature of this type of scanning for viruses is the approximate, ; probabilistic detecting of the infected objects therefore called ; suspected, not infected. The parameter disabled, only the known viruses ; from the virus data base are searched. There exists an entire class ; of programs which may cause false alarms of the heuristics ; analyzer because they use the code similar to that used by viruses. ; Besides, enabling this type of checking may increase the total ; scanning time (although insignificantly). These are arguments for ; disabling heuristic analysis. But on the whole, this type of ; analysis noticeably increases the safety of antivirus protection. HeuristicAnalysis = Yes ;ScanPriority = { value } ; Priority of the scanning process. This value should be in the range ; -20 (highest) to 19 (lowest). ;ScanPriority = 0 ;FilesTypes = { extension list } ; Types of files that will get checked if by type scanning is ; performed, i.e. ScanFiles parameters has ByType value. "*" and "?" ; characters admissible. FilesTypes = EXE,COM,SYS,OV?,BAT,BIN,DRV,PRG,BOO,SCR,CMD,VXD,386,DLL,FON,DO? FilesTypes = XL?,WIZ,RTF,CL*,HT*,VB*,JS*,INF,AR?,ZIP,R??,PP?,OBJ,LIB,HLP,MD? FilesTypes = INI,MBR,IMG,CSC,CPL,MBP,SHS,SHB,PIF,SO,CHM,REG,XML,PRC,ASP,LSP FilesTypes = MSO,OBD,THE*,NWS,SWF,BMP,MPP,OCX,DVB,CPY,MSG,EML ;ScanFiles = { All | ByType | ByFormat } ; The files that will get checked after having been extracted from ; the archive. If ByType is set the so called file extensions are ; taken into account (file extension is the last suffix after "." in ; the file name; if there is no ".", file has no extension). The file ; extension values are set either by default, or in the parameter(s) ; FilesTypes. If ByFormat is set, only the files included into the ; checkable set get checked. The aim of the check is to find out ; whether they can be virus carriers, i.e. executable files (file ; name and extension are not taken into account). And only then only ; presumably executable files will be scanned for viruses. Important ; note: the All mode is always enabled in the mail files. ByType and ; ByFormat values can be applied only in "local" scanning mode. ScanFiles = All ;ScanSubDirectories = { Yes | No } ; Should scanning the contents of directories recursively be done. ScanSubDirectories = Yes ;CheckPackedFiles = { Yes | No } ; Should unpacking of the executable files packed by DIET, PKLITE ; etc. utilities be performed. CheckPackedFiles = Yes ;CheckArchives = { Yes | No } ; Should unpacking of the archives of ZIP (WinZip, InfoZIP...), RAR, ; ARJ, TAR, GZIP and CAB formats be performed. CheckArchives = Yes ;CheckEMailFiles = { Yes | No } ; Should files in e-mail formats get scanned. CheckEMailFiles = Yes ;ExcludePaths = { list of the paths (mask) to the files } ; Masks for the files should not been checked by scanner. ExcludePaths = ;FollowLinks = { Yes | No } ; Should the symbolic links be followed when scanning. FollowLinks = No ;RenameFilesTo = { mask } ; Special mask for renaming files using file extension. ; If file has not have extension then mask would been ; added to file. Symbol "?" in mask is replaced by original ; symbol of file extension in same position. ; Examples: ; Let RenameFilesTo = #?? ; 1. Infected files original name was: eicar.com ; then renamed filename would: eicar.#om ; 2. Infected files original name was: this_a_virus ; then renamed filename would: this_a_virus.# RenameFilesTo = #?? ;MoveFilesTo = { path } ; Path to quarantine directory. MoveFilesTo = "/var/drweb/infected" ;EnableDeleteArchiveAction = { Yes | No } ; Allow to scanner delete containers (archives, html, mailboxs etc) ; if it contains infected objects. The container file entirely will ; be removed, so all messages in mailbox would been lost if mailbox ; contains even only one infected message. ; WARNING: Be carefull ! EnableDeleteArchiveAction = No ; By default, the scanner only logs information about infected object, ; but you can specify another action for different cases: ; InfectedFiles - file infected by known virus ; SuspiciousFiles - file possible infected by unknown virus ; IncurableFiles - file infected and can not be cured ; (only if InfectedFiles = Cure) ; ActionInfectedMail - message or mailbox contains infected object ; ActionInfectedArchive - archive (ZIP, TAR, RAR etc) ; contains an infected object ; ActionInfectedContainer - container (OLE, HTML, PowerPoint etc) ; contains an infected object ; ActionAdware - file contains an advertising software ; ActionDialers - file contains dialer program ; ActionJokes - file contains joke(hoax) program ; ActionRiskware - file contains potentially dangerous software ; ActionHacktools - file contains an intrusion tool ; Possible action of each case are the following: ; Report - only log information (default) ; Cure - atempt cure object (only for InfectedFiles) ; Delete - delete object ; Move - quarantine object to MoveFilesTo directory ; Rename - rename object using RenameFilesTo mask ; Ignore - ignoring this type of objects. This actions is ; similar to the Report action but en exit code does ; not contains an information about such objects. ; This action also is usefull for the GUI version. InfectedFiles = Report SuspiciousFiles = Report IncurableFiles = Report ActionAdware = Report ActionDialers = Report ActionJokes = Report ActionRiskware = Report ActionHacktools = Report ActionInfectedArchive = Report ActionInfectedMail = Report ActionInfectedContainer = Report ; ==================== ; = Log settings = ; ==================== ;LogFileName = { file name } ; Log file name. You may specify "syslog" as name, the report will be ; logged by means of syslogd system service. Using syslog, pay ; attention to SyslogFacility and SyslogPriority options. Since ; syslog has a few files to log different events and different degrees ; of their importance, you can find out where the scanner's report will ; be written to, basing on these two parameters and the contents of ; the configuration file syslog (usually /etc/syslogd.conf). ;LogFileName = "syslog" ;SyslogFacility = "Daemon" ;SyslogPriority = "Info" LogFileName = "/var/drweb/log/drweb.log" ;LimitLog = { Yes | No } ; Enable/Disable limit for log file size. Parameter ; is used only if LogFileName is not "syslog" ; See alse MaxLogSize for limit. LimitLog = No ;MaxLogSize = { filesize in Kb } ; This parameter defines maximum size of logfile and is ; used only if LimitLog = Yes. MaxLogSize = 512 ;LogScanned = { Yes | No } ; Should the information on all the checked objects independently ; infected or not get logged in the log file. LogScanned = Yes ;LogInfected = { Yes | No } ; Whether or not the information on infected objects get logged in the log file. ;LogInfected = Yes ;LogPacked = { Yes | No } ; Should the additional information on the files packed by the DIET, ; PKLITE etc. utilities get logged in the log file. LogPacked = Yes ;LogArchived = { Yes | No } ; Should the additional information on the archiving programs (like ; RAR, ZIP, TAR etc) get logged in the log file. LogArchived = Yes ;LogTime = { Yes | No } ; Should the time of every record get logged. LogTime = Yes ;LogStatistics = { Yes | No } ; Should the summary statistic get printed after end of scanning. LogStatistics = Yes ;RecodeNonprintable = { Yes | No } ; Mode of output of unvisible for this terminal symbols into the logfile. RecodeNonprintable = Yes ;RecodeMode = { Replace | QuotedPrintable } ; Method of recoding of unvisible symbols, if RecodeNonprintable equal to ; "Yes". Unvisible symbols would been replaced by RecodeChar (see below), ; if this option has "Replace" value. RecodeMode = QuotedPrintable ;RecodeChar = { "?" | "_" | ... } ; Defines a symbol that would been placed instead of unvisible symbols, ; if RecodeMode option has "Replace" value. RecodeChar = "?" ; ================================= ; = Archive scanning settings = ; ================================= ;MaxCompressionRatio = { value } ; Maximum compression ratio, i.e. ratio of the unpacked file length ; to the length of the packed file in the archive. If the ratio ; exceeds the value, the file will not be extracted and therefore ; will not be checked. Note: a message with such a file will be ; treated as "mail bomb" ; NOTE: See also ArchiveRestriction action in filters configurations. ;MaxCompressionRatio = 5000 ;CompressionCheckThreshold = { value in Kb } ; Maximum file size inside archive, beginning from which the ; maximum compression ratio will be checked (if enabled by ; MaxCompressionRatio switch). ;CompressionCheckThreshold = 1024 ;MaxFileSizeToExtract = { value in Kb } ; The maximum size of the file extracted from an archive. If the file ; in the archive exceeds the value it will be skipped. A message with ; such a file will be treated as "mail bomb". ; NOTE: See also ArchiveRestriction action in filters configurations. MaxFileSizeToExtract = 500000 ;MaxArchiveLevel = { value } ; The maximum archive recursion (archive in archive in archive etc). ; A message with such a file will be treated as "mail bomb". ; NOTE: See also ArchiveRestriction action in filters configurations. MaxArchiveLevel = 8 ;--------------------------------------------------------------- [Updater] ; ==================== ; = General settings = ; ==================== ;Section = { Daemon | Scanner } ; Says to the Dr.Web Updater that component should been kept up to date. ; This option could be overwritten by the --what= command line switch. Section = Daemon ;ProgramPath = { path to file } ; The path to daemon\scanner. It is used by Dr.Web Update System for getting ; product version and API information of installed binaries. ProgramPath = /opt/drweb/drwebd ;SignedReader = { path to file } ; This program is used by Dr.Web Update System for reading signed files. SignedReader = /opt/drweb/read_signed ;LockFile = { path to file } ; This file is used by Dr.Web Updater to prevent executing of multiply instances. LockFile = /var/drweb/run/update.lock ;CronSummary = { Yes | No } ; The Dr.Web Updater prints out a result of update session to stdout if ; this option is set to "yes". This feature can be used for an adminstrator ; notification by e-mail if the updater is executed by cron. CronSummary = Yes ;DrlFile = { path to file } ; This file is used by Dr.Web Update System and contains a list of currenlty ; available updates servers. The updater randomly selects a server from this ; list for each update session. This file is signed by Dr.Web Ltd, cannot ; be changed and is updated automatically by Dr.Web Updater. DrlFile = "/var/drweb/bases/update.drl" ; ==================================== ; = Download utility (wget) settings = ; ==================================== ;Timeout = { value, in seconds } ; This option defines the --timeout option for wget utility. ; The timeout is defined for a signle downloading session not for ; whole update session. Leave option is commented out or empty if ; want using infinite timeouts. Timeout = 30 ;ProxyLogin = { name } ; This option defines the --proxy-user option for wget utility. ; Leave option is commented out or empty if haven't proxy. ProxyLogin = ;ProxyPassword = { password } ; This option defines the --proxy-passwd option for wget utility. ; Leave option is commented out or empty if haven't proxy. ProxyPassword = ;WgetOptions = { string } ; This option defines additional options for wget utility. ; You should use following options: -q -O --tries --timeout ; --user-agent --proxy-user --proxy-password. ; WARNING: Incorrect usage of this parameter may makes Dr.Web ; Updater inoperable ;WgetOptions = "" ; ==================== ; = Log settings = ; ==================== ;LogFileName = { file name } ; Log file name. LogFileName = "/var/drweb/log/updater.log" ;LogLevel = { Debug | Verbose | Info | Warning | Error | Quiet } ; This option defines a level of logged details. LogLevel = Verbose |