Nethserver-clamscan need testers

Yet only available for ns7, but another version for el6 should come

The translation is available in transiflex, if you want to do it, thank in advance

to install :

yum install http://mirror.de-labrusse.fr/NethDev/nethserver-clamscan/nethserver-clamscan-0.1.0-1.ns7.sdl.noarch.rpm

For NS7, the rpm clamav-data-empty is used, so it means that there is no virus database right now after the installation, but I mandatory start the download…be patient before to use, it depends of your bandwidth and the one of the remote server.

After that you have several options, please ask to add more, or to enhance them. For now there is no GUI to retrieve files in the quarantine, something interesting to do.

if you want to see how the scan and the freshclam are running, do in the console

ps aux|grep clam

With this option you will see the setting you gave to clamscan and control that I did well my work :slight_smile:

If you want to test several time the freshclam, you can ‘rm’ all the content in /var/lib/clamav, then press the button 'refresh database now 'in the panel.

a mail is sent to the root user at the end of the scanning, if you have no scanning then take a look to /var/log/clamav/clamscan-errors

4 Likes

I’ve installed it, and done a signatur update. But how can I check the version and the date of the signature.
At the Dashboard it shows a wrong time for last update.

1 Like

I’d like to tag @flatspin @medworthy @WillZen and @dnutan in this topic

As soon as possible. Still lying with flu.

teaser

3 Likes

Firstly, thank for your interest :slight_smile:

The refresh button just starts freshclam quietly by the command ‘/usr/share/clamav/freshclam-sleep xnow’, the same done every 3 hours by the cron job. I suppose that if the database has just been recently refreshed, it delays it. The applet in the dashboard looks after the modification time of files in clamav database, obviously if the db has not been refreshed because they are not enough old, then the applet display the last update

One way to force the download is to erase the content of /var/lib/clamav, then download it immediately but I don’t know the possible downside.

Thoughts please :slight_smile:

1 Like

Hi Stephane,
thanks for your answer, I’ve tried the way you discribed to delete the files in /var/lib/clamav and do the update after this.
It wents fine for me

Hi Stephane,
what do you think about showing the status of update and scanning (with info what does it scan at this time) at the webinterface.
It should be possible to scan a single file or folder on demand.

Hi Stephane, I’m back to work.
Installed your package without problems. Instand filescan works. Will have a look on the behavior and report things that come.
Again I have to say thank you very much for your work! You are great man!!

What do you think about a real time protection of the entire filesystem with the OnAccess-feature of cmalav or with LMD?

2 Likes

In fact I relay on clamscan and I’m not sure it gets a verbose mode where the scanned file name will appear, concerning the update status of freshclam, you get it in the dashboard, I’m not a big fan of duplicated code.

What it could be nice, will be to display the last scan report in the panel, or eventually the full log, I don’t know.

well here it is specific, if we do a simple textInput box where you write the full path of your scan, it is really easy, but if you want like in the backup-ui a JS panel to select the folder/file with your mouse, hence it is not the same job :slight_smile:

you are welcome :stuck_out_tongue:

[root@NS7DEV5 ~]# cat /boot/config-3.10.0-327.el7.x86_64 | grep FANOTIFY
CONFIG_FANOTIFY=y
CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y

I would say that clamscan is ready on NS7 to play with the on-access feature

LMD is a script, no epel rpm, hard to distribute it. I don’t know if we can relay safely on it, I have not a long experience on this software

1 Like

yum install http://mirror.de-labrusse.fr/NethDev/nethserver-clamscan/nethserver-clamscan-0.1.1-1.ns7.sdl.noarch.rpm

  • The file restoration can be done in the UI
  • clamscan make a e-smith database called quarantine
  • Freshclam applet in the panel
  • Freshclam-update drop the old database before to download the new one

please test and report, for now only for NS7

4 Likes

I mean during the update, like 20% of update done.

And thanks for your work again.
I like nethserver and the way you guys work, that the whole community can make propositions and we all together try to get a perfect system.

2 Likes

It is nice to get input of others, If i listen me, I will use the cli all the time :slight_smile:

1 Like

For me its enough, if I can work with wildcards.

what do you mean ?

For example I want to scan all doc files in a folder like /etc/clamav/*.doc and I want scan folders recursive, for example if there is a folder /etc/clamav/signatures and I scan /etc/clamav it scans /etc/clamav/signatures too.

ok clamscan is recursive from base, so whatever you give as folder, all behind will be scanned. We can imagine a new radio button to scan a specific folder/files with the button ‘scan NOW’

yes, this sounds good

Works. Tested with eicar-standard-file.

found in /var/lib/nethserver/db/qurantine with entry about eicar-file

really nice :slight_smile:

Back to real time protection (rtp): You are working with config-db prop clamscan. The clamd@scan.service is defined and needs only to be enabled and a proper scan.conf. Can you add a radio-button to enable the rtp and build a proper scan.conf from templating system with db values? Or am I to euphoric?

1 Like