summarylogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.SRCINFO24
-rw-r--r--PKGBUILD42
-rw-r--r--clamd_mod.conf50
-rw-r--r--virus_scan.conf204
4 files changed, 320 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..df2043d285aa
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,24 @@
+pkgbase = c-icap-modules
+ pkgdesc = Modules for C-ICAP server
+ pkgver = 0.3.2
+ pkgrel = 2
+ url = http://c-icap.sourceforge.net/
+ arch = i686
+ arch = x86_64
+ license = GPL
+ license = LGPL
+ depends = c-icap>=0.3.2
+ depends = c-icap<0.4
+ backup = etc/c-icap/clamav_mod.conf
+ backup = etc/c-icap/clamd_mod.conf
+ backup = etc/c-icap/virus_scan.conf
+ backup = etc/c-icap/srv_url_check.conf
+ source = http://downloads.sourceforge.net/project/c-icap/c-icap-modules/0.3.x/c_icap_modules-0.3.2.tar.gz
+ source = clamd_mod.conf
+ source = virus_scan.conf
+ sha256sums = e3472662687cf9fa37a496df31436924326e315920056a404f023ec5e852e239
+ sha256sums = b3fcab76c3809e220f53b98b87242063dc06be37a6b8db040f01e4cf39d7fd9f
+ sha256sums = d0fd9ab05ea9fa590e87af477b28156cf88de921411093a01147c984742c5a5f
+
+pkgname = c-icap-modules
+
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..538ac387c88c
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,42 @@
+# Maintainer: Amish <contact at via dot aur>
+pkgname=c-icap-modules
+pkgver=0.3.2
+pkgrel=2
+pkgdesc='Modules for C-ICAP server'
+depends=('c-icap>=0.3.2' 'c-icap<0.4')
+arch=(i686 x86_64)
+url='http://c-icap.sourceforge.net/'
+license=('GPL' 'LGPL')
+source=("http://downloads.sourceforge.net/project/c-icap/c-icap-modules/0.3.x/c_icap_modules-${pkgver}.tar.gz"
+ 'clamd_mod.conf'
+ 'virus_scan.conf')
+sha256sums=('e3472662687cf9fa37a496df31436924326e315920056a404f023ec5e852e239'
+ 'b3fcab76c3809e220f53b98b87242063dc06be37a6b8db040f01e4cf39d7fd9f'
+ 'd0fd9ab05ea9fa590e87af477b28156cf88de921411093a01147c984742c5a5f')
+backup=('etc/c-icap/clamav_mod.conf'
+ 'etc/c-icap/clamd_mod.conf'
+ 'etc/c-icap/virus_scan.conf'
+ 'etc/c-icap/srv_url_check.conf')
+
+build() {
+ cd "${srcdir}/c_icap_modules-${pkgver}"
+ ./configure \
+ --prefix=/usr \
+ --localstatedir=/var \
+ --sbindir=/usr/bin \
+ --sysconfdir=/etc/c-icap \
+
+ make
+}
+
+package() {
+ install -dm755 "${pkgdir}"/etc/c-icap
+ cd "${srcdir}/c_icap_modules-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+
+ # fix some bad permissions
+ find "${pkgdir}"/etc/c-icap/ -type f -print0 | xargs -0 chmod 644
+ find "${pkgdir}"/usr/share/c_icap/templates/ -type f -print0 | xargs -0 chmod 644
+
+ install -Dm644 ../clamd_mod.conf ../virus_scan.conf "${pkgdir}"/etc/c-icap/
+}
diff --git a/clamd_mod.conf b/clamd_mod.conf
new file mode 100644
index 000000000000..64ddae7d6e14
--- /dev/null
+++ b/clamd_mod.conf
@@ -0,0 +1,50 @@
+#
+# To enable clamd module in c-icap, copy this file in c-icap
+# configuration directory and add the following line at the end of
+# c-icap.conf file:
+# Include clamd_mod.conf
+#
+
+# Module: clamd_mod
+# Description:
+# This is an addon module for the antivirus service (virus_scan) which
+# adds support for the open source antivirus clamav, using the clamd
+# daemon.
+#
+# Example:
+# Module common clamav_mod.so
+#
+
+# Load the clamd_mod module:
+Module common clamd_mod.so
+
+# TAG: clamd_mod.ClamdSocket
+# Format: clamd_mod.ClamdSocket path
+# Description:
+# The path of the clamd socket to use
+# Default:
+# clamd_mod.ClamdSocket /var/run/clamav/clamd.ctl
+clamd_mod.ClamdSocket /var/lib/clamav/clamd.sock
+
+# TAG: clamd_mod.ClamdHost
+# Format: clamd_mod.ClamdHost host
+# Description:
+# The host to be used to connect to Clamd if a ClamdPort is specified.
+# Default:
+# clamd_mod.ClamdHost 127.0.0.1
+
+# TAG: clamd_mod.ClamdPort
+# Format: clamd_mod.ClamdPort port
+# Description:
+# The port to be used to connect to Clamd. If specified
+# TCP connection to port "port" will be used instead of ClamdSocket.
+# When you are using TCP communication with clamd please be sure
+# that the filesystem permissions allow clamd to scan files created
+# by clamd_mod module.
+# The clamd_mod module create files with read permissions to running
+# c-icap process owner and group.
+# Default:
+# clamd_mod.ClamdPort None, ClamdSocket is used.
+
+# End module: clamd_mod
+
diff --git a/virus_scan.conf b/virus_scan.conf
new file mode 100644
index 000000000000..a301cb980b82
--- /dev/null
+++ b/virus_scan.conf
@@ -0,0 +1,204 @@
+#
+# To enable virus_scan service in c-icap, copy this file in c-icap
+# configuration directory and add the following line at the end of
+# c-icap.conf file:
+# Include virus_scan.conf
+#
+
+# Module: virus_scan
+# Description:
+# This is an antivirus services for the c-icap ICAP server
+# This module add the following log formating codes for use with
+# the LogFormat configuration parameter:
+# %{virus_scan:virus}Sa Prints the virus name or "-".
+# %{virus_scan:action}Sa Prints "passed" if the object scanned and no
+# virus found, "blocked" if a virus found and
+# object blocked, and "partiallyblocked" if a
+# virus found but some of the data transmitted
+# to the user.
+# Example:
+# LogFormat myVScanFmt "%tl, %>a %is %Ib %Ob %huo [Action: %{virus_scan:action}Sa] [Virus: %{virus_scan:virus}Sa]"
+# acl VSCAN service virus_scan
+# AccessLog /var/log/c-icap-access-vscan.log myVScanFmt VSCAN
+LogFormat myVScanFmt "%tl, %>a %is %Ib %Ob %huo [Action: %{virus_scan:action}Sa] [Virus: %{virus_scan:virus}Sa]"
+acl VSCAN service virus_scan
+AccessLog /var/log/c-icap/vscan.log myVScanFmt VSCAN
+
+#
+# The following additional formatting codes can be used with the service
+# templates (the VIRUS_FOUND, VIR_MODE_HEAD, VIR_MODE_PROGRESS,
+# VIR_MODE_TAIL and VIR_MODE_VIRUS_FOUND templates exist under the c-icap
+# templates directory):
+# %VVN The virus name.
+# %VVV The Antivirus name/version.
+# %VU The HTTP url.
+# %VFR The downloaded file requested name. For use with virelator mode.
+# %VFS Expected http body data size (Content-Length header). For use
+# with virelator mode.
+# %VF The name of the local file where the data stored. For use with
+# with virelator mode.
+# %VHS An HTTP URL to get stored object. For use with virelator mode.
+# See also the VirHTTPUrl configuration parameter.
+# %VPR Profile name (Exist only if virus_scan profiles are enabled).
+#
+# Example:
+# Service antivirus_module virus_scan.so
+# ServiceAlias avscan virus_scan?allow204=on&sizelimit=off&mode=simple
+#
+
+# Load the virus_scan service:
+Service antivirus_module virus_scan.so
+
+#Add an alias to srv_clamav for compatibility with old service name
+ServiceAlias srv_clamav virus_scan
+
+# Add the alias avscan for virus_scan service. It is used by many
+# ICAP based antivirus clients:
+ServiceAlias avscan virus_scan?allow204=on&sizelimit=off&mode=simple
+
+
+# Antivirus module settings
+
+# TAG: virus_scan.ScanFileTypes
+# Format: virus_scan.ScanFileTypes type1 [type2] ...
+# Description:
+# the list of file types or groups of file types which will be
+# scanned for viruses. For supported types look in c-icap.magic
+# configuration file.
+# Default:
+# None set.
+virus_scan.ScanFileTypes TEXT DATA EXECUTABLE ARCHIVE GIF JPEG MSOFFICE
+
+#The percentage of data to sent if the downloaded file exceeds the StartSendPercentDataAfter size
+# TAG: virus_scan.SendPercentData
+# Format: virus_scan.SendPercentData percent
+# Description:
+# the percentage of data that can be sent by the c-icap server
+# before receiving the complete body of a request.
+# This feature in conjuction with the folowing can be usefull
+# becouse if the download of the object takes a lot of time
+# the connection of web client to proxy can be expired.
+# It must be noticed that the data which delivered to the
+# web client maybe contains a virus or a part of a virus
+# and can be dangerous. In the other hand partial data
+# (for example 5% data of a zip or an exe file) in most
+# cases can not be used.
+# Set it to 0 to disable this feature.
+# Default:
+# virus_scan.SendPercentData 0
+virus_scan.SendPercentData 5
+
+# TAG: virus_scan.StartSendPercentDataAfter
+# Format: virus_scan.StartSendPercentDataAfter bytes
+# Description:
+# Only if the object is bigger than size then the percentage
+# of data which defined by SendPercentData sent by the c-icap
+# server before receiving the complete body of request.
+# Default:
+# virus_scan.StartSendPercentDataAfter 0
+virus_scan.StartSendPercentDataAfter 2M
+
+# TAG: virus_scan.Allow204Responces
+# Format: virus_scan.Allow204Responces on|off
+# Description:
+# Disable 204 responces outside previews for virus_scan if
+# your icap client does not support it.
+# Default:
+# virus_scan.Allow204Responces on
+
+# TAG: virus_scan.PassOnError
+# Format: virus_scan.PassOnError on|off
+# Description:
+# Pass the content instead of blocking it, in the case when the virus
+# scanner or the virus_scan module finds an error.
+# The error will be logged nevertheless.
+# Default:
+# virus_scan.PassOnError off
+virus_scan.PassOnError on
+
+# The Maximum object to be scanned.
+# TAG: virus_scan.MaxObjectSize
+# Format: virus_scan.MaxObjectSize Bytes
+# Description:
+# The maximum size of files which will be scanned by
+# antivirus service.You can use K and M indicators to define size
+# in kilobytes or megabytes.
+# Default:
+# virus_scan.MaxObjectSize 5M
+virus_scan.MaxObjectSize 10M
+
+# TAG: virus_scan.DefaultEngine
+# Format: virus_scan.DefaultEngine EngineName1 EngineName2 ...
+# Description:
+# The antivirus engines to use if no engine has selected using ICAP
+# service arguments.
+# The antivirus engines loaded as external c-icap modules.
+# Currently the following antivirus engines are available for the
+# c-icap-modules:
+# "clamd" or "clamav"
+# Default:
+# None set. The first loaded engine will be used.
+# Example:
+# virus_scan.DefaultEngine clamav
+virus_scan.DefaultEngine clamd
+
+# The following directives are related with an experimental
+# mode which I call "viralator like" mode. The virus_scan
+# service checks the type of file and if it included in
+# VirScanFileTypes list (see below) download the file localy
+# and sends to the web client messages about the progress
+# of download. After the download completed it sends a message
+# with the web location where the downloaded file stored.
+
+# TAG: virus_scan.VirSaveDir
+# Format: virus_scan.VirSaveDir path
+# Description:
+# The directory where the downloaded files stored.
+# Must be a directory where a web server has access.
+# Default:
+# No set
+# Example:
+# virus_scan.VirSaveDir /srv/www/htdocs/downloads/
+
+# from where the documents can be retrieved (you can find the get_file.pl script in contrib dir)
+# TAG: virus_scan.VirHTTPUrl
+# Format: virus_scan.VirHTTPUrl URL
+# Description:
+# The url which used by the web client to retrieve
+# downloaded file. The file where the download stored
+# can has diferent name than the original, if a file
+# with the same name exists in the directory. In the
+# url the "%f" can be used to specify the real name
+# of downloaded file.
+# You can use the small cgi program "get_file.pl"
+# which exists in contrib directory of c-icap-modules
+# distribution.
+# Default:
+# No set
+# Example:
+# virus_scan.VirHTTPUrl "http://fortune/cgi-bin/get_file.pl?usename=%f&remove=1&file="
+
+# TAG: virus_scan.VirUpdateTime
+# Format: virus_scan.VirUpdateTime seconds
+# Description:
+# The secs is the interval between the "progress of download"
+# messages in seconds.
+# Default:
+# virus_scan.VirUpdateTime 15
+
+# TAG: virus_scan.VirScanFileTypes
+# Format: virus_scan.VirScanFileTypes type1 type2 ...
+# Description:
+# The list of file types and groups of file types,
+# for which this mode must be used.
+# Default:
+# None set
+# Example:
+# virus_scan.VirScanFileTypes ARCHIVE EXECUTABLE
+
+# Enable on or more antivirus engines:
+Include clamd_mod.conf
+#Include clamav_mod.conf
+
+# End module: virus_scan
+