Chris, Very good your answer. Thank you very very much.
Do you use FreeBSD, too? If so, did you upgrade Perl to 5.8? Amavisd-new is still in version 20020517 in FreeBSD ports tree. I've tried to install Amavisd-20021116 but I didn't get to make it work yet because the incompatibility of some perl requiments. Thank's once more Ronan On Fri, 29 Nov 2002 18:42:58 +0000 Chris Hastie <[EMAIL PROTECTED]> wrote: > On Fri, 29 Nov 2002, Tomasz Kojm <[EMAIL PROTECTED]> wrote > >On Thu, Nov 28, 2002 at 04:00:08PM -0500, Ed Phillips wrote: > >> > >> How would you make it better? clamd seems to work pretty well for us > >> scanning more than 100,000 messages per day. It hasn't crashed or > >> anything... been running perfectly for a couple of weeks under this load. > > > > > >Currently clamd works like a champ under Linux and Solaris. Amavisd-new > >installation process (with clamscan and clamd) has been described by > >Chris Hastie few days ago: > > > >http://archive.elektrapro.com/clamav.elektrapro.com/users/2002/11/msg00105.html > > > > This refers to amavisd-new-20021116. I did post something to the amavis > list about using clamd with 20020517, which you should be able to find > on marc. > > Basically, I had the code below in my virus_scan() routine. It was then > necessary to set ONE of $clamd_sockname (set to path to unix socket), > $clamd (set to anything you like - will use INET socket), OR $clamscan > (path to clamscan - uses clamscan), depending on your preference. Only > set a value for ONE of these!!! > > You'll note that because of the experimental nature of clamd I've > included a fallback here, so that if clamd fails, scanning falls back to > clamscan. This works with the UNIX socket code - I seem to remember > someone saying it didn't work with the INET stuff. I'm not sure I ever > tested that! > > This code is a hack of existing bits of code and I take no > responsibility for it!! In particular, be aware that there is stuff in > the UNIX socket code that I don't understand :) But it did work on my > system until I moved to 20021116. > > # > # ClamAV Daemon - unix socket > # > my $clamscan_fallback; > if ($clamd_sockname) { > do_log(2,"Using Clamd - unix socket"); > if ($child_task_count == 1) { > unless (socket(\*clamd_sock, AF_UNIX, SOCK_STREAM, 0)) { > do_log(0, "Can't create socket for Clamd: $!"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > goto CLAMDEND; > } > unless (connect(\*clamd_sock, pack_sockaddr_un $clamd_sockname)) { > do_log (0, "Can't connect to Clamd: $!"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > goto CLAMDEND; > } > } > my($chkdir) = "SCAN $TEMPDIR/parts/\n"; > > $SIG{PIPE} = 'IGNORE'; # 'send' to broken pipe throws a signal > my($retries) = 0; > for (;;) { # gracefully handle cases when Sophie child times out > do_log(2, "Sending directory name to Clamd: $TEMPDIR/parts/"); > while (!defined(syswrite(\*clamd_sock, $chkdir, length($chkdir)))) { > my($err) = "$!"; my($errn) = 0+$!; > $retries++; > if ($errn != EPIPE && $errn != ENOTCONN) { > do_log(0, "syswrite to Clamd socket failed: $err"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > goto CLAMDEND; > } else { > if ($retries > 2) { die "Too many retries to talk to Clamd" } > if ($err =~ /^Broken pipe/i) { # slow down a runaway loop > sleep(10 * ($retries-1)) if $retries > 1; > } > do_log( ($retries>1?0:1), > "Re-connecting to Clamd, attempt #$retries"); > close(\*clamd_sock); # and ignore status > unless (socket(\*clamd_sock, AF_UNIX, SOCK_STREAM, 0)) { > do_log(0, "Can't create socket for Clamd: $!"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > goto CLAMDEND; > } > unless (connect(\*clamd_sock, pack_sockaddr_un $clamd_sockname)) { > do_log (0, "Can't connect to Clamd: $!"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > goto CLAMDEND; > } > } > } > unless (defined(sysread(\*clamd_sock, $output, 256))){ > do_log(0, "sysread from Clamd socket failed: $!"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > goto CLAMDEND; > } > last if $output ne ''; > do_log( ($retries>1?0:1), > "Failed to get response from Clamd, retrying ($retries)"); > sleep 10; > } > > if ($output =~ /FOUND$/) { # no errors, a virus was found > $scanner_errors = 0; > @virusname = ($output =~ /: (.+) FOUND/g); > return 1; # 'true' indicates virus found and stops further checking > } elsif ($output =~ /OK$/) { # no errors, no viruses > $scanner_errors = 0; > } elsif ($output =~ /ERROR$/) { > do_log(0,"Virus scanner failure: Clamd - UNKNOWN STATUS (error code: > $output)"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > } else { > do_log(0,"Virus scanner failure: Clamd - UNKNOWN STATUS (error code: > $output)"); > do_log(0, " -> try clamscan"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > } > > CLAMDEND: > } > > > > # > # ClamAV Daemon > # > # use IO::Socket; > > if ($clamd) { > do_log(2,"Using clamd"); > my $sock = IO::Socket::INET->new('127.0.0.1:3310'); > # my $sock = IO::Socket::UNIX->new('/var/clamav/clamd'); > if (defined $sock) { > $sock->print("SCAN $TEMPDIR/parts\n"); > $sock->flush; > chomp($output = $sock->getline); > $sock->close; > do_log(2,$output); > if ($output =~ /FOUND$/) { # no errors, a virus was found > $scanner_errors = 0; > @virusname = ($output =~ /: (.+) FOUND/g); > return 1; # 'true' indicates virus found and stops further checking > } elsif ($output =~ /OK$/) { # no errors, no viruses > $scanner_errors = 0; > } elsif ($output =~ /ERROR$/) { > do_log(0,"Virus scanner failure: ScannerDaemon - UNKNOWN STATUS (error > code: $output) ->Try clamav"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > } else { > do_log(0,"Virus scanner failure: Clamd - unknown response '$output' > ->Try clamav"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > } > } else { > do_log(0,"Virus scanner failure: Clamd - can't connect to daemon ->Try > clamav"); > $clamscan_fallback = "/usr/local/bin/clamscan"; > } > } > > > # > # clamAV > # > if ($clamscan){ > do_log(2,"Using clamav"); > $output = qx($clamscan --stdout --disable-summary -r $TEMPDIR/parts); > $errval = retcode($?); > do_log(2, "clamscan: ".$output); > if ($errval == 0) { # no errors, no viruses found > $scanner_errors = 0; > } elsif ($errval == 1) { # no errors, viruses discovered > $scanner_errors = 0; > @virusname = $output =~ /^.*?: (?!Infected Archive)(.*) FOUND$/mg; > @virusname = (undef) if [EMAIL PROTECTED]; # just in case: make list > nonnil > return 1; > } else { # interrupted or some error preventing further execution > do_log(0,"Virus scanner failure: clamav (error code: $errval)"); > } > } > > # > # clamAV - fallback. This is used if Clamd fails for some reason. A safety net > # as clamd is not entirely stable. > # > if ($clamscan_fallback){ > do_log(2,"Using clamav"); > $output = qx($clamscan_fallback --stdout --disable-summary -r > $TEMPDIR/parts); > $errval = retcode($?); > do_log(2, "clamscan: ".$output); > if ($errval == 0) { # no errors, no viruses found > $scanner_errors = 0; > } elsif ($errval == 1) { # no errors, viruses discovered > $scanner_errors = 0; > @virusname = $output =~ /^.*?: (?!Infected Archive)(.*) FOUND$/mg; > @virusname = (undef) if [EMAIL PROTECTED]; # just in case: make list > nonnil > return 1; > } else { # interrupted or some error preventing further execution > do_log(0,"Virus scanner failure: clamav (error code: $errval)"); > } > $clamscan_fallback = ""; > } > > -- > Chris Hastie > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
