Какой продукт используете (в том числе интересна версия)?
Лицензия из файла или AV-Desk?
Покажите, что выводит:
drweb-ctl cfshow LinuxFirewall
Ещё хорошо бы посмотреть на вывод:
drweb-ctl lic -d
первое:
LinuxFirewall.LogLevel = Notice
LinuxFirewall.Log = Auto
LinuxFirewall.ExePath = /opt/drweb.com/bin/drweb-firewall
LinuxFirewall.AutoconfigureIptables = Yes
LinuxFirewall.AutoconfigureRouting = Yes
LinuxFirewall.LocalDeliveryMark = Auto
LinuxFirewall.ClientPacketsMark = Auto
LinuxFirewall.ServerPacketsMark = Auto
LinuxFirewall.TproxyListenAddress = 10.0.0.2:0
LinuxFirewall.OutputDivertEnable = Yes
LinuxFirewall.OutputDivertNfqueueNumber = Auto
LinuxFirewall.OutputDivertConnectTransparently = No
LinuxFirewall.InputDivertEnable = Yes
LinuxFirewall.InputDivertNfqueueNumber = Auto
LinuxFirewall.InputDivertConnectTransparently = Yes
LinuxFirewall.ForwardDivertEnable = Yes
LinuxFirewall.ForwardDivertNfqueueNumber = Auto
LinuxFirewall.ForwardDivertConnectTransparently = No
LinuxFirewall.Whitelist =
LinuxFirewall.Blacklist =
LinuxFirewall.InspectHttp = Yes
LinuxFirewall.InspectPop3 = Yes
LinuxFirewall.InspectImap = Yes
LinuxFirewall.InspectSmtp = Yes
LinuxFirewall.InspectFtp = Yes
LinuxFirewall.ExcludedProc =
LinuxFirewall.UnwrapSsl = Yes
LinuxFirewall.BlockUnchecked = No
LinuxFirewall.BlockInfectionSource = Yes
LinuxFirewall.BlockNotRecommended = Yes
LinuxFirewall.BlockAdultContent = No
LinuxFirewall.BlockViolence = No
LinuxFirewall.BlockWeapons = No
LinuxFirewall.BlockGambling = No
LinuxFirewall.BlockDrugs = No
LinuxFirewall.BlockObsceneLanguage = No
LinuxFirewall.BlockChats = No
LinuxFirewall.BlockTerrorism = No
LinuxFirewall.BlockFreeEmail = No
LinuxFirewall.BlockSocialNetworks = No
LinuxFirewall.BlockDueToCopyrightNotice = Yes
LinuxFirewall.BlockOnlineGames = No
LinuxFirewall.BlockAnonymizers = No
LinuxFirewall.BlockCryptocurrencyMiningPools = Yes
LinuxFirewall.BlockJobs = No
LinuxFirewall.BlockKnownVirus = Yes
LinuxFirewall.BlockSuspicious = Yes
LinuxFirewall.BlockAdware = Yes
LinuxFirewall.BlockDialers = Yes
LinuxFirewall.BlockJokes = No
LinuxFirewall.BlockRiskware = No
LinuxFirewall.BlockHacktools = No
LinuxFirewall.ScanTimeout = 30s
LinuxFirewall.HeuristicAnalysis = On
LinuxFirewall.PackerMaxLevel = 8
LinuxFirewall.ArchiveMaxLevel = 8
LinuxFirewall.MailMaxLevel = 8
LinuxFirewall.ContainerMaxLevel = 8
LinuxFirewall.MaxCompressionRatio = 500
LinuxFirewall.RuleSet0 =
LinuxFirewall.RuleSet1 = : set UnwrapSSL = true
LinuxFirewall.RuleSet1 = divert output : set HttpTemplatesDir = "output"
LinuxFirewall.RuleSet1 = divert input : set HttpTemplatesDir = "input"
LinuxFirewall.RuleSet1 = divert forward : set HttpTemplatesDir = "output"
LinuxFirewall.RuleSet1 = : set MailTemplatesDir = "firewall"
LinuxFirewall.RuleSet2 =
LinuxFirewall.RuleSet3 =
LinuxFirewall.RuleSet4 =
LinuxFirewall.RuleSet5 = protocol in (Http), direction request, url_host in "LinuxFirewall.Blacklist" : BLOCK as BlackList
LinuxFirewall.RuleSet5 = protocol in (Http), direction request, url_host in "LinuxFirewall.Whitelist" : PASS
LinuxFirewall.RuleSet5 = protocol in (Ftp), url_host in "LinuxFirewall.Blacklist" : BLOCK as BlackList
LinuxFirewall.RuleSet5 = protocol in (Ftp), url_host in "LinuxFirewall.Whitelist" : PASS
LinuxFirewall.RuleSet6 =
LinuxFirewall.RuleSet7 = protocol in (Http), direction request, url_category in "LinuxFirewall.BlockCategory" : BLOCK as _match
LinuxFirewall.RuleSet7 = protocol in (Ftp), url_category in "LinuxFirewall.BlockCategory" : BLOCK as _match
LinuxFirewall.RuleSet8 =
LinuxFirewall.RuleSet9 = protocol in (Http, Ftp), divert input, direction request, threat_category in "LinuxFirewall.BlockThreat" : BLOCK as _match
LinuxFirewall.RuleSet9 = protocol in (Http, Ftp), direction response, threat_category in "LinuxFirewall.BlockThreat" : BLOCK as _match
LinuxFirewall.RuleSet9 = protocol in (Smtp), threat_category in "LinuxFirewall.BlockThreat" : REJECT
LinuxFirewall.RuleSet9 = protocol in (Smtp), url_category in "LinuxFirewall.BlockCategory" : REJECT
LinuxFirewall.RuleSet9 = protocol in (Pop3, Imap), threat_category in "LinuxFirewall.BlockThreat" : REPACK as _match
LinuxFirewall.RuleSet9 = protocol in (Pop3, Imap), url_category in "LinuxFirewall.BlockCategory" : REPACK as _match
LinuxFirewall.RuleSet10 =
LinuxFirewall.InterceptHook = local dwl = require 'drweb.lookup'
function intercept_hook(ctx)
-- do not check if group == Root.TrustedGroup
if ctx.divert == "output" and ctx.group == "drweb"
then
return "pass"
end
-- do not check connections from privileged ports
-- except FTP active mode
if ctx.src.port >= 0 and ctx.src.port <= 1024
and ctx.src.port ~= 20
then
return "pass"
end
return "check"
end
LinuxFirewall.XtablesLockPath =
второе:
Debug: Use ConfigD public socket "/var/run/.com.drweb.public"
Debug: ConfigD <-- SUBSCRIBE_TO_KEY
Debug: ConfigD --> KEY_NOTIFICATION
Notice: License number 145938527, expires 2021-Sep-03 11:16:37 (366 days left)
Debug: Activated: 2020-Sep-01 11:16:37
Debug: Allows start (scanner spider gate smb_spider nss)
я так понимаю в Allow start нужно добавить LinuxFirewall