> I was thinking about communicating
> directly
> with clamd through a UNIX socket, but I couldn't
> find clamAV's protocol specification. Is there documentation on it? Do 
> you have any suggestion on how
> to implement this virus scanning process?

Have you looked at Section 5 of clamdoc.pdf?
[http://www.clamav.net/doc/0.81/clamdoc.pdf]
It's also in the docs folder if you do a pull from CVS or download one of
the stable source tarballs.

Working with clamd is pretty straightforward. Once you have connected to the
socket that clamd is listening on, you can send it a handful of command
verbs:

PING
VERSION
SCAN
STREAM
RELOAD
SHUTDOWN
Etc.

In the case of a STREAM scan, clamd responds with a port to send the stream
to. After you have connected, sent the stream, and closed the port, clamd
reports the status of the scan in the session where you sent the STREAM
command.

> I'm at a Windows box right now

Also, if you are developing on a Windows box you can connect to clamd on a
remote UNIX host if you tweak clamd.conf to set up clamd to run listen on a
TCP socket instead of a local socket in the clamd. Another, self-contained,
alternative is to install Windows Services for UNIX (which includes the
Interix POSIX subsystem) and SDK on your Windows box. SFU is free-of-charge
from Microsoft. Once you have SFU/Interix running you can get the ClamAV
package for Interix from the InteropSystems warehouse.

[http://www.microsoft.com/windows/sfu/]
[http://www.interopsystems.com/tools/warehouse.htm]

Cheers.

Brian A. Reiter
WolfeReiter, LLC [http://www.wolfereiter.com]

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-devel

Reply via email to