F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
48
Maximum number of simultaneous connections
Maximum connections
(pre_spawn)
Specifies the maximum number of simultaneous connections from clients. The specified
number of processes listen for connections from clients.
You can check the number of connections used in “Internal process ID” in the access log
(access.log).
■
If you increase the value of this setting, the number of simultaneous connections is
increased, but it requires more memory. Approximately 500 KB of memory is used per
process.
■
A warning is output to the error log if the maximum number of connections is reached.
■
We recommend that you set an initial value of approximately 50 and then monitor the
performance. The setting is usually set to a value of less than 200. (The setting itself
permits values up to 9999.)
)
Access control
Access Control
From
From:
(acl_from)
Only accepts connections from the designated list of hosts.
If you have enabled
DNS Reverse Lookup
, you can also specify <host name>.<domain
name>.
For examples, see “
Access Control
”, 65.
If you edit the [From these hosts] setting by using the web console, the pop from field is
updated in /opt/f-secure/fsigk/conf/hosts.allow.
To
To:
(acl_to)
Only accepts connections to the designated list of hosts.
For examples, see “
Access Control
”, 65.
If you edit the [To these hosts] setting by using the web console, the pop to field is updated
in /opt/f-secure/fsigk/conf/hosts.allow.
DNS reverse lookup
DNS Reverse Lookup (reverselookup)
Looks up the DNS entry for the source IP address.
When you enable DNS reverse lookup, you can use <host name>.<domain name> format to
specify the [Access control]=[From these hosts] settings. The host name of the accessing host
is also shown in the access log.
However, this setting reduces processing speed slightly.
Blocked e-mail content
Block for:
ActiveX
ActiveX
(block_activex)
Blocks HTML e-mail with embedded ActiveX content.
The detection name is "FSIGK/POLICY_BLOCK_ACTIVEX".