[Mimedefang] mimedefang -> tcp/ip -> clamd [solved]
Florian Meister
Florian.Meister at medienhaus.at
Fri Aug 27 15:54:14 EDT 2004
If anybody is interested in ...
I have patched my mimedefang.pl to support the clamd-tcp-socket. It
sends the files to scan using the stream-command from clamd. I have
tried it and it works very well.
But ... I'm not using it anymore, because clamd takes nearly no
system-resources, and so I run clamd on the same machine.
--snip--
#***********************************************************************
# %PROCEDURE: message_contains_virus_clamd_tcp
# %ARGUMENTS:
# clamd_host (optional) -- clamd hostname:port
# %RETURNS:
# 1 if any file in the working directory contains a virus
# %DESCRIPTION:
# Invokes the clamd daemon (http://www.clamav.net/)
# on the entire message.
#***********************************************************************
sub message_contains_virus_clamd_tcp (;$) {
my ($clamd_host) = $ClamdHost;
$clamd_host = shift if (@_ > 0);
$clamd_host = "127.0.0.1:3310" if (!defined($clamd_host));
my $output;
# PING/PONG test to make sure clamd is alive
my $sock = IO::Socket::INET->new($clamd_host);
if (defined $sock) {
$sock->print("PING");
$sock->flush;
$sock->sysread($output,256);
$sock->close;
chomp($output);
if (! defined($output) || $output ne "PONG") {
md_syslog('err', "$MsgID: clamd is not responding");
return (wantarray ? (999, 'cannot-execute', 'tempfail') :
999);
}
}
else {
md_syslog('err', "$MsgID: Could not connect to clamd daemon at
$clamd_host");
return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999);
}
########################################################################
#################################
# open up a socket and scan each file in ./Work
########################################################################
#################################
$sock = IO::Socket::INET->new($clamd_host);
if (defined $sock) {
if (!$sock->print("STREAM")) {
$sock->close;
return (wantarray ? (999, 'swerr', 'tempfail') : 999);
}
my ($output1,$sendport);
my $ans = $sock->sysread($output1,256);
if (!defined($ans) || !$ans) {
return (wantarray ? (999, 'swerr', 'tempfail') : 999);
}
if ($output1 =~ /PORT (.+)/) {
$sendport .= $1;
}
my $sendhost;
($sendhost) = ($clamd_host =~ /^(.+):/);
$sendhost = "$sendhost:$sendport";
my $sendsocket = IO::Socket::INET->new($sendhost);
if (defined $sendsocket)
{
opendir(DIR, "$CWD/Work") or die "can't open dir
$CWD/Work: $!\n";
while (defined(my $file = readdir(DIR)))
{
open(INPUT, "< $CWD/Work/$file") or die
"Couldn't open $CWD/Work/$file for reading: $!\n";
while(<INPUT>)
{
print $sendsocket $_;
}
close INPUT;
}
closedir(DIR);
}
$sendsocket->close;
if (!$sock->flush) {
$sock->close;
return (wantarray ? (999, 'swerr', 'tempfail') : 999);
}
$ans = $sock->sysread($output,256);
$sock->close;
if (!defined($ans) || !$ans) {
return (wantarray ? (999, 'swerr', 'tempfail') : 999);
}
if ($output =~ /: (.+) FOUND/) {
$VirusScannerMessages .= "clamd found the $1 virus.\n";
$VirusName = $1;
return (wantarray ? (1, 'virus', 'quarantine') : 1);
}
}
else {
# Could not connect to daemon
md_syslog('err', "$MsgID: Could not connect to clamd daemon at
clamd_host");
return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999);
}
# No errors, no infected files were found
return (wantarray ? (0, 'ok', 'ok') : 0);
}
--snip--
Ciao, flo
More information about the MIMEDefang
mailing list