Operating Principles

 Top  Previous  Next

The component is designed to request data from directory services (like Active Directory) and other data storages that support the LDAP protocol. Upon request, the received data (for example, users’ identifiers and rights) is transferred to Dr.Web for UNIX‘s components to be used in different rules for checks (for example, to allow a user to access a requested URL and etc.).

This manual does not describe the operating principle of LDAP and Active Directory. If necessary, refer to the corresponding reference materials, for example, RFC 4511.

The Dr.Web LookupD component is launched automatically by the configuration daemon Dr.Web ConfigD when required (i.e. upon receiving a request for data). The diagram of the component’s operation is shown in the figure below.

Figure 1. Diagram of the components’ operation

In this scheme, the following notations are used:

 

— Dr.Web for UNIX as a whole and external Dr.Web applications together with systems which are not included in the solution.

 

— external to Dr.Web for UNIX programs and products for its integration.

 

— Components that are included in Dr.Web for UNIX engine. Other product components use the engine as a service that performs anti-virus checks.

 

— Service components designed to perform particular anti-virus protection functions (for example, scanning file system objects, updating virus databases, managing the operation of the product).

 

— Components that provide the user with the interface for Dr.Web for UNIX.

 

— Quarantine as a set of file system directories which store isolated malicious files.

Components marked with a dashed line can be missing depending on the distribution.

Upon receiving a data request from any of the components (generally such a component is shown in the diagram as a “Client module”), the configuration daemon Dr.Web ConfigD starts Dr.Web LookupD (if it has not been started yet). Then the component makes a request to the required data source and returns a reply (usually a list of strings which meet the search criterion). In Dr.Web LookupD‘s settings you can specify an unlimited number of data sources. When forming a request for data retrieval, the client component must specify the source for data. Once Dr.Web LookupD is started, it will operate for some time waiting for new requests. If there are no more requests, after a waiting period Dr.Web LookupD shuts down automatically.

The basic way in which other components of the product use Dr.Web LookupD is for retrieving some data needed to check the validity of some conditions specified in the operation rules for these components. When checking the applicability of rules and the validity of conditions, data requests to Dr.Web LookupD are performed automatically.