Clamav and vsftpd integration

grzeslaw · 10-08-2013, 09:18 AM

Hello folks,

I would like to integrate CLAMAV with VSFTPD.. After some research I found only some patch from untrusted source..

Did any of you know if there is a way to integrate clamav, to scan every incomming file?

Regards,

unSpawn · 10-10-2013, 01:10 AM

Why not use inotifywatch on close_write?

grzeslaw · 10-11-2013, 09:17 AM

I dont understand.. What I need to monitor with inotifywatch? What files?
I was asking, about scanning incoming files via ftp with clamav.. and looking for solution..

unSpawn · 10-16-2013, 01:34 AM

Since you never disclosed which "patch from untrusted source" should integrate ClamAV with Vsftpd only a few common methods remain:
- a cron job, which may make you miss files to scan if they're for example moved right after uploading,
- Dazuko (or equivalent on-access scanning LKM) which may (or more likely: may not) patch cleanly against your current kernel version (and having to compile it for any new kernel),
- on-access scanning triggered by an Inotify event like the closing of a file written to.