PING/PONG is useless. It could have been better if the server had send a banner at connection startup.
Good point - that's much better for determining server state upon connection. This banner should also include the clamd version so that you don't have to use a separate connection for that either.
IMHO, the main misfit of the STREAM command is the random TCP port. You have to open your firewall to allow any connection to any port from clamd clients to servers.
I agree there. I hate FTP for the same reason :) Maybe the next version will have an in-band data transfer command. I hope. If not, I suggest 'DATA' to the developers, and it should go like this:
C: DATA <length> S: OK C: binary data... C: binary data... C: more data until 'length' bytes have been sent... S: stream: OK
Some other - return string is not clear (not documented)
True, I found out by trial and error, and I'm sure I'm not catching all possibilities at this point.
- server may close the stream connection when a virus is found
at start of data (not documented)
Without saying 'stream: VIRUSNAME FOUND'? That's bad.
-- Jim Ramsay
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
