Configuring virus throttle parameters, Monitoring virus throttle status – HP NC370F PCI-X Multifunction Gigabit Server Adapter User Manual
Page 8
Using Virus Throttle 8
Virus Throttle requires both the iptable_filter and ip_queue modules. If both modules are not installed on
the system when Virus Throttle is started, an error message is displayed. Currently, only one application
may register for the iptables QUEUE target. If another application has already registered for the QUEUE
target, an error message is displayed.
Configuring Virus Throttle parameters
When you first install Virus Throttle the configuration parameters for the filter driver are set to the defaults.
Changes to the configuration file can be made with any text editor. However, Virus Throttle must be
restarted before any changes can take affect. See Restarting Virus Throttle.
The Virus Throttle configuration file is located at
# /etc/opt/hp/hp-vt/hp-vt.conf
The following default parameters can be edited:
•
delay_queue_size=200
Controls the maximum number of delayed connection requests in the delay queue. When the queue
is full, connection requests are dropped. The default is 200 delayed connection requests. The valid
range is 10–1000.
•
delay_queue_high_watermark=160
Controls the number of connection requests in the delay queue at which "virus-like" activity is
considered to be occurring. The default is 160 connection requests. The valid range is 8–the value of
delay_queue_size.
•
delay_queue_low_watermark=100
Controls the number of connection requests in the delay queue below which "virus-like" activity is
considered to be stopped. The default is 100 connection requests. The valid range is 4–the value of
delay_queue_high_watermark minus 4.
•
delay_queue_delay_seconds=1
Controls the rate at which the oldest connection request and all other connection requests to that
same host are passed down the protocol stack. The default is 1 second. The valid range is 1–10
seconds.
•
host_working_set_size=5
Controls the number of known hosts to which connections are established without delay. When a
new connection is made, the oldest member of the working set is replaced with the new host. The
default is 5 hosts. The valid range is 1–100.
•
shared_memory_key=0x48505654
Used in shmget calls, and should not normally be changed. An example of when this key may need
to be changed is if there is a conflict with another application using the key. If the key is changed,
the hp-vt status will not work until hp-vt has been restarted. The format of the key is four bytes in hex
that start with “0x,” in other words 0x48505654. To show the shared memory segments currently in
use, run ipcs –m. The default value is hex representing ascii “HPVT”.
Monitoring Virus Throttle status
When Virus Throttle is running, use the following command to display the status:
# /etc/init.d/hp-vt status