[prev in list] [next in list] [prev in thread] [next in thread]
List: amavis-user
Subject: Re: [AMaViS-user] which kaspersky products suported?
From: Mark Martinec <Mark.Martinec () ijs ! si>
Date: 2002-11-28 18:10:11
[Download RAW message or body]
Kenneth,
(sorry for a late reply)
| :-) Right, thats precisely the config for kavscanner. The log that Ive posted
| which the virus was not detected was for the kavdaemon (avpdc). It exits with
| status=0 and did not detect the viruses.
| The configuration i did for kavdaemon is:
| ['KasperskyLab AVPDaemonClient',
| ['/opt/AVP/kavdaemon','kavdaemon','kavdaemon'],
| '{}', [0], [3,4,5,6], qr/(?m)infected: (.+)/ ]
| however, this is the log from kavdaemon:
| ov 22 13:22:27 pkme amavis[32109]: (32109-01) Using KasperskyLab
| AVPDaemonClient: /opt/AVP/avpdc
| "/var/amavis/amavis-20021122T132227-32109/parts" </dev/null 2>&1
| Nov 22 13:22:27 pkme amavis[32109]: (32109-01) run_av: /opt/AVP/avpdc
| status=0,
| and it cant detect any viruses.
I don't know. Try to run it manually, e.g. create some subdirectory,
place a file with a virus there, and run:
$ /opt/AVP/avpdc "/some/full/path/subdir" </dev/null 2>&1
Does it find a virus? Does it help if you remove double quotes,
or append a slash after the directory name, or remove '</dev/null 2>&1'?
Could it be that the shell specified for vscan (or amavis) user
is not Bourne shell-compatible (e.g. csh or tcsh)?
| And also, i want to mention that the problem with f-prot not rejecting unknown
| viruses is back again (or is it just on my config?). This was fixed with a
| patch from the previous version but I cant seem to find where to apply the
| fix again.
Hm, what was that about? Which previous version? Check the status codes
listed in the file ./amavis/av/fprot from the version that worked for you,
and compare them to the codes listed in the f-prot entry
in amavisd.conf, e.g.:
if ($fprot) {
do_log(2,"Using $fprot");
chop($output = `$fprot -DUMB -ARCHIVE $TEMPDIR/parts`);
$errval = retcode($?);
do_log(2,$output);
==> if ($errval == 0 || $errval == 8) { # no errors, no viruses found
$scanner_errors = 0;
==> } elsif ($errval == 3 || $errval == 6) { # no errors, viruses discovered
$scanner_errors = 0;
==> @virusname = ($output =~ /Infection: (.+)/g);
@virusname = (undef) if !@virusname; # just in case: make list nonnil
do_virus();
} else {
do_log(0,"Virus scanner failure: $fprot (error code: $errval)");
}
}
against:
['FRISK F-Prot Antivirus/Linux', ['f-prot','f-prot.sh'],
'-DUMB -ARCHIVE {}', [0,8], [3,6],
^^^^^ ^^^^^
qr/(?m)Infection: (.+)/ ],
^^^^^^^^^^^^^^^
Mark
-------------------------------------------------------
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic