[Exim] av_scanner with f-prot

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Mark M
Ημερομηνία:  
Προς: Exim Users
Αντικείμενο: [Exim] av_scanner with f-prot
Hello all,

Has anyone ever gotten exiscan (av_scanner) to work with f-prot?
I found a script to make it easier but I never gotten it to work:

Anyone have any pointers?

Eventually I would like not only clamd to scan fir viruses but also
f-prot.

Thanks!
Mark


==============
#!/bin/sh

# Usage: check_for_virus <filename>
# Returns: "CLEAN : OK" | "VIRUS : <information>" | "ERROR"
# Exitcode: 0=OK 2=SUSPICIOUS 3=VIRUS
# This script is under GPL

##############################################################################
#
# exiscan-conf
#
# exiscan_av_scanner_path = /path/to/script
# exiscan_av_scanner_options = |
# exiscan_av_scanner_regexp_trigger = VIRUS
# exiscan_av_scanner_regexp_description = (VIRUS.*)

#logger "check $1"

RET=0

# F-PROT (FRISK Software F-Prot Antivirus for Linux)
if test -x /usr/lib/f-prot/f-prot; then
#logger "Run Fprot"
         STATUS= /usr/lib/f-prot/f-prot -NOBOOT -dumb -NOMEM -NOSUB
-ARCHIVE -PACKED -ai -silent "$1"
2>/dev/null >/dev/null
         RETURNCODE=$?


         if test $RETURNCODE -eq 3; then
                 STATUS="virus found"
                 RET=3
         fi
         if test -n "$STATUS"; then
                 INFO=`/usr/lib/f-prot/f-prot -ai -dumb -NOBOOT -NOMEM
-NOSUB -ARCHIVE -PACKED "$1" 2>/dev/null|grep
-iE "infection:"|sed -e 's/.*infection:\(.*\)/\1/i' -e 's/^[ \>]*//g'
-e 's/[ ]*$//g'`
                 echo "VIRUS $INFO"
                 logger "VIRUS FOUND!! with F-Prot - $INFO"


         fi
fi


# NAI VirusScan (McAfee VirusScan for Unix Linux 4.14.0)
if test $RET -eq 0; then
  if test -x /usr/local/bin/uvscan; then
#logger "Run uvscan "
      /usr/local/bin/uvscan --noboot --unzip --secure "$1" 2>/dev/null

>/dev/null

         if test $? -eq 13; then
                 INFO=`/usr/local/bin/uvscan --noboot --unzip --secure
"$1" 2>/dev/null|grep -iE
"Found.*virus"|sed -e 's/.*Found the \(.*\)/\1/i' -e 's/^[ ]*//g' -e
's/[ ]*$//g'`
                 echo "VIRUS $INFO"
                 logger "VIRUS FOUND!! with UVSCAN - $INFO"
                 RET=3
         else
               #  logger "VIRUS check for $1: ok"
                 echo "CLEAN:OK"
         fi
  fi
fi
exit $RET


exit 0
====================

--
MICROSOFT: Most Intelligent Customers Realize Our Software is Only for
Fools and Teenagers.
spamtrap@???: arnold@??? zebra@???
Sparse binary polynomial matching with a Bayesian Chain Rule evaluator
Yeah.. U-huh.