Well, here I go replying to my own email... See below for a solution.
[EMAIL PROTECTED] <> wrote:
> Hi all,
>
> Further to my message that I sent earlier regarding how to
> have clamd on
> a separate machine to the mail server I have discovered/done the
> following. Before I put this 'tested/works for me' code into
production,
> I would like to ask others if it sounds reasonable to do it
> this way...
[SNIP]
>
> B) Use tar to combine the files into a single tar file before sending
> across to the remote (might actually be a neat solution)...
>
> Ie, tar -cf - $allfiles | $clamuko_binary $clamuko_options - 2>&1
OK, here is my diff of qmail-scanner.pl to use clamd which is running on
a remote host. You will also need to patch clamdscan the client portion
of clamav, see below for that patch too.
I would appreciate people testing this and letting me know whether it
works for them etc. If enough people say that it works, then I will try
and get the clamdscan patch sent to the appropriate person. IMHO, this
is an important feature for clamav and qmail-scanner to work the same
way the spamassassin option can work...
Regards,
Adam
qmail-scanner-queue.pl:
--- qmail-scanner-queue.pl Sun Feb 1 17:28:06 2004
+++ qmail-scanner-queue.pl.tmp Sun Feb 1 17:30:03 2004
@@ -169,6 +169,8 @@
my $mimeunpacker_binary='/usr/local/bin/reformime ';
my $unzip_binary='/usr/bin/unzip';
my $unzip_options='-Pxxxxx';
+my $tar_binary='/bin/tar';
+my $tar_options='-cf -';
my $tnef_binary='/usr/local/bin/tnef';
my $rm_binary='/bin/rm';
my $grep_binary='/bin/grep';
@@ -195,7 +197,7 @@
my $clamscan_binary='/usr/local/bin/clamscan';
my $clamscan_options="-r --disable-summary --max-recursion=10
--max-space=1000000";
my $clamuko_binary='/usr/local/bin/clamdscan';
-my $clamuko_options="-r --disable-summary --max-recursion=10
--max-space=10000000";
+my $clamuko_options="--disable-summary --stdout";
my $spamc_binary='/usr/bin/spamc';
my $spamc_options=' -c -f -d 202.147.127.32';
my $spamc_subject='';
@@ -2117,9 +2119,9 @@
my ($clamuko_verbose,$clamuko_status);
$clamuko_verbose="-v" if ($DEBUG);
- &debug("run $clamuko_binary $clamuko_options $ENV{'TMPDIR'} 2>&1");
+ &debug("run $tar_binary $tar_options \"$ENV{'TMPDIR'}/\" |
$clamuko_binary $clamuko_options -");
- $DD=`$clamuko_binary $clamuko_options $ENV{'TMPDIR'} 2>&1`;
+ $DD=`$tar_binary $tar_options "$ENV{'TMPDIR'}/"| $clamuko_binary
$clamuko_options -`;
$clamuko_status=($? >> 8);
&debug("--output of clamuko was:\n$DD--");
Ie, simply define where tar can be found, and modify the clamdscan run
lines... (and debug lines)
Now for the slightly bigger patch to clamdscan. This is needed such that
if we are configured to scan files on a remote host then it will stream
the file instead of just passing the filename....
Actually, it isn't all needed since we are using - to pass the file in
and this was already handled mostly correctly. The main thing that is
needed either way to the section which obtains which IP address to
connect to.
One thing that might need to change also is to only request the IP
address once, and use it in both sections. This will only affect those
people that configure a hostname into the config file which resolves to
more than one IP (ie, round robin DNS load balanceing...)
Clamdscan/client.c
--- client.c 2003-12-20 23:27:44.000000000 +1100
+++ /tmp/client.c 2004-02-01 17:38:54.000000000 +1100
@@ -40,6 +40,7 @@
int sockd, wsockd, loopw = 60, bread, port;
const char *clamav_conf = getargl(opt, "config-file");
FILE *fd;
+ int myfileno;
if(!clamav_conf)
clamav_conf = DEFAULT_CFG;
@@ -127,10 +128,10 @@
return 2;
}
-
if(opt->filename == NULL || strlen(opt->filename) == 0) {
file = (char *) strdup(cwd);
- } else if(!strcmp(opt->filename, "-")) { /* scan data from stdin */
+ /* scan data from stdin or send content over network */
+ } else if(!strcmp(opt->filename, "-") || cfgopt(copt, "TCPAddr")) {
if(write(sockd, "STREAM", 6) <= 0) {
mprintf("@Can't write to the socket.\n");
close(sockd);
@@ -166,7 +167,18 @@
}
server2.sin_family = AF_INET;
- server2.sin_addr.s_addr = inet_addr("127.0.0.1");
+
+ if((cpt = cfgopt(copt, "TCPAddr"))) {
+ if ((he = gethostbyname(cpt->strarg)) == 0) {
+ close(sockd);
+ perror("gethostbyname()");
+ mprintf("@Can't lookup clamd hostname.\n");
+ return 2;
+ }
+ server2.sin_addr = *(struct in_addr *) he->h_addr_list[0];
+
+ } else server2.sin_addr.s_addr = inet_addr("127.0.0.1");
+
server2.sin_port = htons(port);
if(connect(wsockd, (struct sockaddr *) &server2, sizeof(struct
sockaddr_in)) < 0) {
@@ -176,11 +188,51 @@
return 2;
}
- while((bread = read(0, buff, sizeof(buff))) > 0) {
- if(write(wsockd, buff, bread) <= 0) {
- mprintf("@Can't write to the socket.\n");
- close(wsockd);
- return 2;
+ if(cfgopt(copt, "TCPAddr"))
+ {
+ if(strcmp(opt->filename, "-"))
+ {
+ if(fileinfo(opt->filename, 2) == -1)
+ {
+ printf("file=%s, error=%s\n",opt->filename,
strerror(errno));
+ mprintf("@Can't access file %s\n",
opt->filename);
+ perror(opt->filename);
+ return 2;
+ } else {
+ if(fd = fopen(opt->filename, "rb"))
+ myfileno = fileno(fd);
+ else
+ {
+ mprintf("@Can't access file
%s\n", opt->filename);
+ perror(opt->filename);
+ return 2;
+ }
+ }
+ }
+ else
+ myfileno = 0;
+ while((bread = read(myfileno, buff, sizeof(buff))) > 0)
+ {
+ if(write(wsockd, buff, bread) <= 0)
+ {
+ mprintf("@Can't write to the socket.\n");
+ close(wsockd);
+ return 2;
+ }
+ }
+ if(myfileno)
+ fclose(fd);
+ }
+ else
+ {
+ while((bread = read(0, buff, sizeof(buff))) > 0)
+ {
+ if(write(wsockd, buff, bread) <= 0)
+ {
+ mprintf("@Can't write to the socket.\n");
+ close(wsockd);
+ return 2;
+ }
}
}
close(wsockd);
--
Adam Goryachev
Website Managers
Ph: +61 2 9345 4395 [EMAIL PROTECTED]
Fax: +61 2 9345 4396 www.websitemanagers.com.au
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Qmail-scanner-general mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
