I've installed dr.web on Suse SLES 1SP 4 (it wasn't easy) in central protection mode.
Now I have one error with spider guard (error x102 invalid configuration) and doesn't understand why.
I've tried the suggestions found here, but noting was changed.
http://ftp.drweb.com/pub/drweb/unix/doc/HTML/ControlCenter/en/dw_8_errors.htm
Someone have any suggestions?
Thanks,
Fabrizio
Enterprise suite error on SUSE SLES
#1
Отправлено 30 Май 2016 - 19:03
#2
Отправлено 30 Май 2016 - 19:10
Hello!
Please show ouput of this command:
drweb-ctl cfshow
and this:
cat /etc/opt/drweb.com/drweb.ini
Second command must be executed by root user, use su or sudo
Сообщение было изменено Danil Biruykov-Romanov: 30 Май 2016 - 19:12
#3
Отправлено 30 Май 2016 - 21:34
The drweb.ini is empty. I've followed this from dr.web documentations:
Error code: x102
Description: One of Dr.Web for Linux components cannot be in operation due to incorrect configuration settings.
Resolving the error:
SpIDer Guard: the specified operation mode is not supported by the operating system.
•Execute the command
# drweb-ctl cfset LinuxSpider.Mode AUTO
to switch the operation of SpIDer Guard to automatic mode.
•If the error persists, manually build and install the loadable kernel module to be used by SpIDer Guard.
Note that operation of SpIDer Guard and of the loadable kernel module is guaranteed only on the tested Linux distributives (see System Requirements).
Other components:
•Restore software defaults. For that purpose
3.Clear contents of the file /etc/opt/drweb.com/drweb.ini. It is recommended to back up the file before the procedure. For example:
# cp /etc/opt/drweb.com/drweb.ini /etc/opt/drweb.com/drweb.ini.save
# echo "" > /etc/opt/drweb.com/drweb.ini
4.Execute the command
# service drweb-configd restart
to restart Dr.Web for Linux.
If the error persists, contact technical support and be ready to name the error code.
the drdrweb-ctl cfshow command report this:
Root.LogLevel = Notice
Root.Log = Syslog:Daemon
Root.PublicSocketPath = /var/run/.com.drweb.public
Root.AdminSocketPath = /var/run/.com.drweb.admin
Root.DebugIpc = No
Root.CoreEnginePath = /var/opt/drweb.com/lib/drweb32.dll
Root.VirusBaseDir = /var/opt/drweb.com/bases
Root.KeyPath = /etc/opt/drweb.com/drweb32.key
Root.CacheDir = /var/opt/drweb.com/cache
Root.TempDir = /tmp
Root.RunDir = /var/run
Root.VarLibDir = /var/opt/drweb.com/lib
Root.VersionDir =
Root.DwsDir = /var/opt/drweb.com/dws
Root.HtmlTemplatesDir = /var/opt/drweb.com/html
Root.MailTemplatesDir = /var/opt/drweb.com/mail
Root.AdminGroup =
Root.TrustedGroup = drweb
Root.DefaultLogLevel = Notice
ScanEngine.LogLevel = Notice
ScanEngine.Log = Auto
ScanEngine.ExePath = /opt/drweb.com/bin/drweb-se
ScanEngine.IdleTimeLimit = 1h
ScanEngine.FixedSocketPath =
ScanEngine.MaxForks = 4
ScanEngine.WatchdogInterval = 1.5s
FileCheck.LogLevel = Notice
FileCheck.Log = Auto
FileCheck.ExePath = /opt/drweb.com/bin/drweb-filecheck
FileCheck.IdleTimeLimit = 30s
FileCheck.DebugClientIpc = No
FileCheck.DebugScan = No
FileCheck.DebugFlowScan = No
FileCheck.DebugProxyScan = No
FileCheck.DebugCache = No
FileCheck.MaxCacheSize = 50MB
FileCheck.RescanInterval = 1s
Update.LogLevel = Notice
Update.Log = Auto
Update.ExePath = /opt/drweb.com/bin/drweb-update
Update.RunAsUser = drweb
Update.UpdateInterval = 30m
Update.NetworkTimeout = 1m
Update.RetryInterval = 3m
Update.MaxRetries = 3
Update.Proxy =
Update.ExcludedFiles = drweb32.lst
Update.BaseUpdateEnabled = Yes
Update.BaseDrlPath = /var/opt/drweb.com/bases/update.drl
Update.BaseCustomDrlPath = /var/opt/drweb.com/drl/custom.drl
Update.VersionUpdateEnabled = No
Update.VersionDrlPath =
Update.DwsUpdateEnabled = Yes
Update.DwsDrlPath = /var/opt/drweb.com/dws/update.drl
Update.DwsCustomDrlPath = /var/opt/drweb.com/dws/custom.drl
ESAgent.LogLevel = Notice
ESAgent.Log = Auto
ESAgent.ExePath = /opt/drweb.com/bin/drweb-esagent
ESAgent.DebugIpc = No
ESAgent.MobileMode = Auto
ESAgent.Discovery = On
NetCheck.LogLevel = Notice
NetCheck.Log = Auto
NetCheck.ExePath = /opt/drweb.com/bin/drweb-netcheck
NetCheck.RunAsUser = drweb
NetCheck.IdleTimeLimit = 30s
NetCheck.LoadBalanceUseSsl = No
NetCheck.LoadBalanceSslCertificate =
NetCheck.LoadBalanceSslKey =
NetCheck.LoadBalanceSslCa =
NetCheck.LoadBalanceServerSocket =
NetCheck.LoadBalanceAllowFrom =
NetCheck.LoadBalanceSourceAddress =
NetCheck.LoadBalanceTo =
NetCheck.LoadBalanceStatusInterval = 1s
NetCheck.SpoolDir = /tmp/netcheck
NetCheck.LocalScanPreference = 1
GateD.LogLevel = Notice
GateD.Log = Auto
GateD.ExePath = /opt/drweb.com/bin/drweb-gated
GateD.HttpProxy =
GateD.InputDivert = Off
GateD.OutputDivert = Auto
GateD.KernelDivert = Off
GateD.ExcludedProc =
GateD.UnwrapSsl = No
GateD.HttpCheckAddress = Yes
GateD.HttpCheckContent = Yes
GateD.BlockInfectionSource = Yes
GateD.BlockNotRecommended = Yes
GateD.BlockAdultContent = No
GateD.BlockViolence = No
GateD.BlockWeapons = No
GateD.BlockGambling = No
GateD.BlockDrugs = No
GateD.BlockObsceneLanguage = No
GateD.BlockChats = No
GateD.BlockTerrorism = No
GateD.BlockFreeEmail = No
GateD.BlockSocialNetworks = No
GateD.BlockDueToCopyrightNotice = Yes
GateD.SmtpCheckContent = No
GateD.Pop3CheckContent = No
GateD.ImapCheckContent = No
GateD.Whitelist =
GateD.Blacklist =
GateD.ScanTimeout = 30s
GateD.HeuristicAnalysis = On
GateD.PackerMaxLevel = 8
GateD.ArchiveMaxLevel = 8
GateD.MailMaxLevel = 8
GateD.ContainerMaxLevel = 8
GateD.MaxCompressionRatio = 500
GateD.BlockKnownVirus = Yes
GateD.BlockSuspicious = Yes
GateD.BlockAdware = Yes
GateD.BlockDialers = Yes
GateD.BlockJokes = No
GateD.BlockRiskware = No
GateD.BlockHacktools = No
GateD.BlockUnchecked = No
GateD.UseCloud = Yes
GateD.DebugSocketPath =
CloudD.LogLevel = Notice
CloudD.Log = Auto
CloudD.ExePath = /opt/drweb.com/bin/drweb-cloudd
CloudD.RunAsUser = drweb
CloudD.IdleTimeLimit = 30s
CloudD.EnableCache = No
Firewall.LogLevel = Notice
Firewall.Log = Auto
Firewall.ExePath = /opt/drweb.com/bin/drweb-firewall
Firewall.CheckedRedirect = Off
LinuxGUI.ExePath = /opt/drweb.com/bin/drweb-gui
LinuxGUI.ExcludedPath = /proc
LinuxGUI.OnKnownVirus = Cure
LinuxGUI.OnIncurable = Quarantine
LinuxGUI.OnSuspicious = Quarantine
LinuxGUI.OnAdware = Quarantine
LinuxGUI.OnDialers = Quarantine
LinuxGUI.OnJokes = Report
LinuxGUI.OnRiskware = Report
LinuxGUI.OnHacktools = Report
LinuxGUI.ScanTimeout = 0
LinuxGUI.CheckEmails = No
LinuxGUI.CheckArchives = Yes
LinuxGUI.AutoApplying = Yes
LinuxGUI.ShowNotifications = Yes
LinuxGUI.PlaySound = Yes
LinuxSpider.LogLevel = Notice
LinuxSpider.Log = Auto
LinuxSpider.ExePath = /opt/drweb.com/bin/drweb-spider
LinuxSpider.Start = Yes
LinuxSpider.IncludedPath = /
LinuxSpider.ExcludedPath = /proc
LinuxSpider.Mode = Auto
LinuxSpider.ExcludedProc =
LinuxSpider.OnKnownVirus = Cure
LinuxSpider.OnIncurable = Quarantine
LinuxSpider.OnSuspicious = Quarantine
LinuxSpider.OnAdware = Report
LinuxSpider.OnDialers = Report
LinuxSpider.OnJokes = Report
LinuxSpider.OnRiskware = Report
LinuxSpider.OnHacktools = Report
LinuxSpider.ScanTimeout = 30s
LinuxSpider.HeuristicAnalysis = On
LinuxSpider.PackerMaxLevel = 8
LinuxSpider.ArchiveMaxLevel = 8
LinuxSpider.MailMaxLevel = 0
LinuxSpider.ContainerMaxLevel = 8
LinuxSpider.MaxCompressionRatio = 500
sles11-test:~ #
Thanks for help.
Fabrizio
#4
Отправлено 31 Май 2016 - 11:51
With disabled central protection mode spider guard works?
You can check it with Demo licence.
Also please show output of:
drweb-ctl appinfo
#5
Отправлено 31 Май 2016 - 12:14
With disabled central protection mode spider guard works?
You can check it with Demo licence.
Also please show output of:
drweb-ctl appinfo
In demo mode I have the same error.
This is the output of drweb-ctl appinfo
sles11-test:~ # drweb-ctl appinfo
ConfigD; 17817; RUNNING 1/1; Installed (ScanEngine FileCheck Update ESAgent NetCheck GateD CloudD Firewall LinuxGUI LinuxSpider)
ScanEngine; 18126; RUNNING 1/1; Core engine 7.00.18.03140, 7228936 virus records, max forks 4
FileCheck; 18147; RUNNING 1/0
NetCheck; 17953; RUNNING 1/0; local scan available; total 4 scanning cores available
GateD; 17837; RUNNING 1/1; Running
CloudD; 17956; RUNNING 1/1
Firewall; 17955; RUNNING 1/1
LinuxGUI; 16979; RUNNING 1/1
#6
Отправлено 31 Май 2016 - 13:15
Please, in demomode do from root:
#drweb-ctl cfset root.defaultloglevel debug
#/etc/init.d/drweb-configd restart
After that give us a fragment of /var/log/messages from the moment of restarting drweb-configd
How did you setup drweb-workstations - from repo or from run-package?
#7
Отправлено 31 Май 2016 - 13:26
Attached the /var/log/messages (I've renamed with .txt for upload)
The command /etc/init.d/drweb-configd restart
start at May 31 11:54:29
One more question: how to disable the dr.web firewall?
Thanks, Fabrizio
Прикрепленные файлы:
#8
Отправлено 01 Июнь 2016 - 16:29
> One more question: how to disable the dr.web firewall?
Disable Spider Gate in Linux GUI
#9
Отправлено 01 Июнь 2016 - 16:40
To fix Spider Guard error you need to build kernel modue (Appendix E. Building Kernel Module for SpIDer Guard)
1. Install package kernel-default-devfel
2. Open terminal and login as root user using "su" or "sudo" commands
3. Go to /opt/drweb.com/share/drweb-spider-kmod/src directory
cd /opt/drweb.com/share/drweb-spider-kmod/src
4. Extract archive
tar -xf drweb-spider-kmod-11.0.0-1603022030.tar.bz2
5. Now build and install module:
make && make install && depmod
6. Now set force usage kernel module:
drweb-ctl cfset linuxspider.mode LKM
#10
Отправлено 01 Июнь 2016 - 18:32
To fix Spider Guard error you need to build kernel modue (Appendix E. Building Kernel Module for SpIDer Guard)
1. Install package kernel-default-devfel
2. Open terminal and login as root user using "su" or "sudo" commands
3. Go to /opt/drweb.com/share/drweb-spider-kmod/src directory
cd /opt/drweb.com/share/drweb-spider-kmod/src
4. Extract archive
tar -xf drweb-spider-kmod-11.0.0-1603022030.tar.bz2
5. Now build and install module:
make && make install && depmod
6. Now set force usage kernel module:
drweb-ctl cfset linuxspider.mode LKM
It work.
Thanks you very nuch for your help.
Regards, Fabrizio
#11
Отправлено 02 Июнь 2016 - 10:56
To fix Spider Guard error you need to build kernel modue (Appendix E. Building Kernel Module for SpIDer Guard)
1. Install package kernel-default-devfel
2. Open terminal and login as root user using "su" or "sudo" commands
3. Go to /opt/drweb.com/share/drweb-spider-kmod/src directory
cd /opt/drweb.com/share/drweb-spider-kmod/src
4. Extract archive
tar -xf drweb-spider-kmod-11.0.0-1603022030.tar.bz2
5. Now build and install module:
make && make install && depmod
6. Now set force usage kernel module:
drweb-ctl cfset linuxspider.mode LKM
It work.
Thanks you very nuch for your help.
Regards, Fabrizio
Glad to help you.
Читают тему: 1
0 пользователей, 1 гостей, 0 скрытых