Additional ClamAV signature files

This forum is for all copfilter support related questions in English.
Severus
Site Admin
Posts: 457
Joined: 10 Dec 2009 07:01
Location: Nürnberg - Germany

Additional ClamAV signature files

Post by Severus » 28 Mar 2010 22:47

The 3rd Party Signature-Addon is now available for copfilter 0.84 up to 0.85.2 and for copfilter 0.85.3 and higher and 2.0.91 ans higher. Copfilter 2.0.90 is no longer supported!
Please use 3rdP-version 0.56.6 or 0.60.6 - 3rd_party_signatures_0.84 up to 0.85.2. and 3rd_party_signatures_0.85.3 and higher and 2.0.91 and higher.
In Copfilter Versions 2.0.91 and higher this addon karesmakro has implemented by default! Use my mods to update the implemented feature if necessary.

See more in wiki at english wiki
Mehr im Wiki auf deutsches wiki


Image
Hi all,
Hallo zusammen,
I'm glad to introduce a new mod for copfilter-0.84beta4 and higher (ipcop/copfilter v2 supported) for using additional signature files for clamav to protect your clients against spam, phishing and more.
Ich freue mich Euch einen neuen Mod für Copfilter-0.84beta4 und höher (IPCop/Copfilter V2 wird unterstützt)vorstellen zu können, mit dem Ihr zusätzliche Signaturen für Clamav verwenden könnt um Euch vor Spam, Phishing etc. zu schützen.
The mod I'll offer you supports files from Sanesecurity, SecuriteInfo, Porcupine, Bofhland, Malware-Patrol and Andrew Lewis, Julian Field, CRDF and OITC.
Der Mod unterstützt Dateien von Sanesecurity, SecuriteInfo, Porcupine, Bofhland, Malware-Patrol und Andrew Lewis, Julian Field, CRDF and OITC.
You may download this mod from:
Ihr könnt den Mod von dieser Adresse herunter laden:
**Version 0.84 up to 0.85.2**
3rd_party_signatures
3rd_party_sig_md5
**Version 0.85.3 and higher and 2. 0.91 and higher**
3rd_party_signatures
3rd_party_sig_md5
The md5 filecontains the checksums for the package file.
Die md5 Datei enthält die Prüfsummen des Pakets.
You may also download this package from karesmakro's website:
Ihr könnt das Paket auch von Karesmakro's Website herunterladen:
http://it-connect-unix.de/
It's highly recommended to uninstall former versions first.
Deinstalliert auf jeden Fall zuerst ältere Versionen.
For use please copy the package to a directory like /tmp (or any other you like) on your Cop.
Ladet das Paket auf Euren Cop herunter in ein beliebiges Verzeichnis.
Go to the chosen directory by
Wechselt in dieses Verzeichnis mit

Code: Select all

cd <directory name>
Unpack the file by
Entpackt die Datei mit

Code: Select all

tar vzxf 3rd_party_sig_0.56.6.tar.gz or/oder
tar vzxf 3rd_party_sig_0.60.6.tar.gz
and go to the directory 3rd_party_sig
und wechselt in das Verzeichnis 3rd_party_sig_0.56.6 mit

Code: Select all

cd 3rd_party_sig_0.56.6 or/oder
cd 3rd_party_sig_0.60.6
Read the CHANGES and README files.
Lest die Dateien CHANGES and README.
Then run the installation file by
Führt die Installationsdatei aus mit

Code: Select all

./install
The file allows you to
Die Datei erlaubt Euch
  • 1. install the mod - den Mod zu installieren
    2. remove the mod - den Mod wieder zu entfernen
    3. update the mod - den Mod auf neuesten Stand bringen
    by chosing the corresponding parameter in the installation dialog.
    indem Ihr den entsprechenden Parameter im Installationsdialog auswählt.
    On the first install all databases and options available are disbled by default.
    Bei der ersten Installation werden alle derzeit verfügbaren Dateien und Optionen als Standard abgewählt.
    To modify the settings use the AntiVirus GUI of copfilter.
    Für spätere Änderungen benutzt die AntiVirus GUI von Copfilter.
    Please note, that you use this mod on your own risk, as it is mentioned by the install process, too.
    Denkt daran, daß Ihr den Mod auf eigenes Risiko benutzt, so wie der Installationsprozess es nochmals ausdrücklich wiederholt.
    Regard that some providers of the databases available do not allow more than one download a day from one dedicated IP. After any change you are prompted to download or not the chosen files. If you do so you may exceed the mentioned limits and then get be blacklisted. So do not download the files lightly! The default downloads of the mod obeye these rules.
    Denkt auch daran, daß manche Anbieter nur einen download pro Tag von einer bestimmten IP erlauben. Nach jeder Änderung werdet ihr gefragt, ob ihr die gewählten Dateien sofort herunterladen wollt. Wenn ihr das tut könnt Ihr dieses Limit überschreiten und auf einer Blacklist landen. Ladet also nach Änderungen die Dateien nicht unüberlegt herunter. Die Standard Downloads des Mods beachten diese Regeln.
    The mod allows some more changes to your system if you like them:
    Der Mod erlaubt auch noch einige andere Änderungen wenn Ihr diese wollt:
    • 1: Add the useage of additional databases - zusätzliche Datenbanken nutzen
      2. Show these databases on your copfilter GUI (related to the ipcop version) - Anzeige der benutzten Datenbanken auf der GUI (abhängig von der IPCop Version)
      3. Add some additional information to the header and/or body of your mails about the used databases - einfügen von Informationen zu den Datenbanken im Header oder im Body Eurer Mails
      4. Remove or modify the use of these databases by GUI - Datenbanken über die GUI ändern oder entfernen
      5. Get notification mails about the updates - Benachrichtigungen per Mail über die Updates erhalten (optional)
These options you may choose by GUI if you like them.
Diese Optionen könnt Ihr über die GUI auswählen, wenn Ihr wollt.

As for downloading the databases in most cases rsync is required, the install process will check your system if rsync is already installed and if you have the latest release. If not it will be installed automatically related to the IPCop version.
Da die meisten Dateien mit rsync heruntergeladen werden müssen prüft der Installationsprozess ob rsync vorhanden ist und ob ihr die neueste Version besitzt und installiert es falls notwendig, abhängig von der IPCop Version.
The rsync application will not be removed by the uninstall process!
Rsync wird bei der Deinstallation nicht entfernt!

Please do not use the update mail notification mod (viewtopic.php?p=630#p630) together with this mod!
This function is implemented in v0.55 and higher. (See Email GUI of copfilter)
Benutzt den mod für die update Mails (viewtopic.php?p=630#p630) nicht zusammen mit diesem mod!
Diese Funktion ist in v0.55 und höher bereits enthalten. (Siehe Email GUI des Copfilter)

This mod replaces the former *check_clamav* released by karesmakro. As this mod is no longer required, it will be removed automatically.
Dieser Mod ersetzt die früheren *check_clamav* Programme von Karesmakro. Diese werden daher automatisch entfernt.
Thanks to karesmakro for releasing his uninstall files.
Dank an Karesmakro für seine uninstall-Dateien.

Curent version of this mod is
Aktuelle Version dieses Mods ist
for Copfilter 0.85.2 and lower: 0.56.6 from 2013-05-12 12:00
for Copfilter 0.85.3 and higher and 2.0.91: 0.60.6 from 2013-05-12 12:00


Mod will be refreshed if other databases will be offered by the distributors.
Der Mod wird aktualisiert wenn andere Datenbanken angeboten werden sollten.

Thanks to karesmakro, FischerM, ShelbyGT500, tranrate, ron for betatesting and debugging.
Mein Dank an karesmakro, FischerM, ShelbyGT500, tranrate, ron die die Betaversionen getestet und geholfen haben, einige Bugs zu beseitigen .

Thanks to FischerM and ShelbyGT500 for updating the language files.
Mein Dank an FischerM und ShelbyGT500 für das Überarbeiten der language files.

Hope you will enjoy the mod.
Ich hoffe, der Mod gefällt Euch.
Regards Severus

Last Edit: 2013-05-12 11:30 [CEST]
Last edited by Severus on 12 May 2013 11:20, edited 34 times in total.
Reason: Further information...

tranrate
Posts: 10
Joined: 18 Dec 2009 21:39

Re: Additional ClamAV signature files

Post by tranrate » 01 Apr 2010 02:20

Hi

Thanks for this update. Works fine now the securiteinfo downloads are available again.

One small thing - you have a few lines missing from your English translations file /var/log/copfilter/0.84beta4/langs/en.pl

The following lines need to be inserted after the line starting 'lw_database', a few lines before the end of the file.

Code: Select all

'copfilter virus_sig' => 'Software & Virus Database versions',
'copfilter next update1' => 'Next update will be performed in ',
'copfilter next update2' => 'Minutes ...',
These could be missing in the other languages as well?

Regards

Martin

Severus
Site Admin
Posts: 457
Joined: 10 Dec 2009 07:01
Location: Nürnberg - Germany

Re: Additional ClamAV signature files

Post by Severus » 01 Apr 2010 05:20

Thanks. Will look on it.
Severus

Done with 2010-04-01 16:30 mod v 0.18.7
Severus

tranrate
Posts: 10
Joined: 18 Dec 2009 21:39

Re: Additional ClamAV signature files

Post by tranrate » 01 Apr 2010 22:47

Hi Severus

Have done a bit more checking. The problem is not the missing language file entries. It is that the update to the gui cgi doesn't work if you reply with y. The error is about half way through the install script where you have a $ missing from the variable name in the if statements in two of your tests.

Code: Select all

	  ###### GUI Mod ######
	  echo
	  echo "Do you like to display the file information on antivirus/testlog GUI?"
	  echo "GUI mod (y/n)"
	  echo
	  echo -n "y=modify    n=not_modify   "
	  read gui
	  if [ ! "$gui" = "y"  ]; then
	      gui="n"
	  fi
#	  if [ "gui" = "y" ]; then
	  if [ "$gui" = "y" ]; then
		  echo "backing up current files..."
		  cp -p /home/httpd/cgi-bin/copfilter_antivirus.cgi /home/httpd/cgi-bin/copfilter_antivirus.cgi.sev>/dev/null
		  cp -p /home/httpd/cgi-bin/copfilter_testlog.cgi /home/httpd/cgi-bin/copfilter_testlog.cgi.sev>/dev/null
		  echo "done..."
		  echo "copying modified files..."
		  cp -pf guifiles/copfilter_testlog.cgi  /home/httpd/cgi-bin/copfilter_testlog.cgi>/dev/null
		  cp -pf guifiles/copfilter_antivirus.cgi /home/httpd/cgi-bin/copfilter_antivirus.cgi>/dev/null
		  echo "done..."
	 fi
	  ###### functions mod #######
		  echo ""
		  echo "Do you like to display the file information in mail body/header?"
		  echo "Mail mod (y/n)"
		  echo ""
		  echo -n "y=mod	ify    n=not_modify   "
		  read mmod
		  if [ ! "$mmod" = "y"  ]; then
		      mmod="n"
		  fi
#		  if [ "mmod" = "y" ]; then
		  if [ "$mmod" = "y" ]; then

			  echo "backing up current files..."
			  cp -pT $BASEDIR/etc2/copfilter_functions $BASEDIR/etc2/copfilter_functions.sev>/dev/null
			  echo "done"
			  echo ""
			  echo "copy modified files..."
			  cp -pfT functions/copfilter_functions $BASEDIR/etc2/copfilter_functions>/dev/null
			  echo "done"
		  fi
	  ########### Update files Clam AVG F-Prot ############
As I didn't know what the new page should look like, I just saw the missing language file entries. These are probably still needed by anyone who answers no to the gui update question.

Regards

Martin

Severus
Site Admin
Posts: 457
Joined: 10 Dec 2009 07:01
Location: Nürnberg - Germany

Re: Additional ClamAV signature files

Post by Severus » 01 Apr 2010 23:50

Hi tranrate,
the bug you reported will be fixed immediately.
Thanks for your report. :D
fixed by 0.18.8 2010-04-01 23:38

Regards Severus

Severus
Site Admin
Posts: 457
Joined: 10 Dec 2009 07:01
Location: Nürnberg - Germany

Re: Additional ClamAV signature files

Post by Severus » 03 Apr 2010 20:07

some minor updates in 0.18.9 from 2010-04-03 due to changes in clamav 0.96
Severus

tranrate
Posts: 10
Joined: 18 Dec 2009 21:39

Re: Additional ClamAV signature files

Post by tranrate » 07 Apr 2010 02:56

Hi Severus

I noticed that on the Clamav database versions you had the last digit of the file size shown before the date for each database and some of the database names were truncated.

This is a corrected extract from copfilter_antivirus.cgi

Code: Select all

######### Clamav Datenbanken ###########
print "<br><b>$Lang::tr{'clamav_database'}:</b>";
# Version der main-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/main.cld" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep main.cld |cut -c 38-61`; 
$output = &Header::cleanhtml($output,"y"); 
print "<br>$output\n"; 
} 
elsif ( -e "/var/log/copfilter/default/opt/clamav/virdb/main.cvd" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep main.cvd |cut -c 38-61`; 
$output = &Header::cleanhtml($output,"y"); 
print "<br>$output\n"; 
} 

#Version der daily-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/daily.cld" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep daily.cld |cut -c 38-62`; 
$output = &Header::cleanhtml($output,"y"); 
print "<br>$output\n"; 
} 
elsif ( -e "/var/log/copfilter/default/opt/clamav/virdb/daily.cvd" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep daily.cvd |cut -c 38-62`; 
$output = &Header::cleanhtml($output,"y"); 
print "<br>$output\n"; 
}

#Version der bytecode-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/bytecode.cld" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep bytecode.cld |cut -c 38-65`; 
$output = &Header::cleanhtml($output,"y"); 
print "<br>$output\n"; 
} 
elsif ( -e "/var/log/copfilter/default/opt/clamav/virdb/bytecode.cvd" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep bytecode.cvd |cut -c 38-65`; 
$output = &Header::cleanhtml($output,"y"); 
print "<br>$output\n"; 
}

######### Google Datenbank ###########
#Version der Safebrowsing-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/safebrowsing.cld" ){ 
$safebrowse = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep safebrowsing.cld |cut -c 38-69`; 
$safebrowse = &Header::cleanhtml($safebrowse,"y"); 
print "<br>";
print "<br><b>$Lang::tr{'google_database'}:</b>";
print "<br>$safebrowse\n"; 
} 
elsif ( -e "/var/log/copfilter/default/opt/clamav/virdb/safebrowsing.cvd" ){ 
$safebrowse = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep safebrowsing.cvd |cut -c 38-69`; 
$safebrowse = &Header::cleanhtml($safebrowse,"y"); 
print "<br>";
print "<br><b>$Lang::tr{'google_database'}:</b>";
print "<br>$safebrowse\n"; 
}

######### Sanesecurity Datenbanken ###########
#Version der Phishing-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/phish.ndb" ){ 
$phish = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ | grep phish.ndb |cut -c 38-62`; 
$phish = &Header::cleanhtml($phish,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 

#Version der Scam-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/scam.ndb" ){ 
$scam = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep scam.ndb |cut -c 38-61`; 
$scam = &Header::cleanhtml($scam,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
}  

#Version der Scamnailer-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/scamnailer.ndb" ){ 
$scamnailer = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep scamnailer.ndb |cut -c 38-67`; 
$scamnailer = &Header::cleanhtml($scamnailer,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
}  


#Version der Spam-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/spam.ldb" ){ 
$spam = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep spam.ldb |cut -c 38-61`; 
$spam = &Header::cleanhtml($spam,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 

#Version der SpamImage-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/spamimg.hdb" ){ 
$spamimg = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep spamimg.hdb |cut -c 38-64`; 
$spamimg = &Header::cleanhtml($spamimg,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
}  


#Version der Lott-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/lott.ndb" ){ 
$lott = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep lott.ndb |cut -c 38-61`; 
$lott = &Header::cleanhtml($lott,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 

#Version der Spear-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/spear.ndb" ){ 
$spear = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep spear.ndb |cut -c 38-62`; 
$spear = &Header::cleanhtml($spear,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
}  

#Version der SpearLink-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/spearl.ndb" ){ 
$spearl = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep spearl.ndb |cut -c 38-63`; 
$spearl = &Header::cleanhtml($spearl,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
}  


#Version der Junk-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/junk.ndb" ){ 
$junk = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep junk.ndb |cut -c 38-61`; 
$junk = &Header::cleanhtml($junk,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 


#Version der Junk-URLBL-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/jurlbla.ndb" ){ 
$jurlbla = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep jurlbla.ndb |cut -c 38-64`; 
$jurlbla = &Header::cleanhtml($jurlbla,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 

#Version der Rogue-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/rogue.hdb" ){ 
$rogue= `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep rogue.hdb |cut -c 38-62`; 
$rogue = &Header::cleanhtml($rogue,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
}  

#Version der winnow_malware-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/wmal.hdb" ){ 
$wmal = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep wmal.hdb |cut -c 38-61`; 
$wmal = &Header::cleanhtml($wmal,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 

#Version der winnow_phish-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/wphsh.ndb" ){ 
$wphsh = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep wphsh.ndb |cut -c 38-62`; 
$wphsh = &Header::cleanhtml($wphsh,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
}  

#Version der winnow_spam-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/wspam.ndb" ){ 
$wspam = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep wspam.ndb |cut -c 38-62`; 
$wspam = &Header::cleanhtml($wspam,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 

#Version der winnow_complex-pattern-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/wpatt.ldb" ){ 
$wpatt = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep wpatt.ldb |cut -c 38-62`; 
$wpatt = &Header::cleanhtml($wpatt,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 

#Version der INetMsg-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/inet.ndb" ){ 
$inet = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep inet.ndb |cut -c 38-61`; 
$inet = &Header::cleanhtml($inet,"y"); 
$sanesec = "$Lang::tr{'sanesec_database'}:";
} 


######### LW Datenbanken ###########
#Version der LW-Scam-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/LW-Scam.ndb" ){ 
$lwsp = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep LW-Scam.ndb |cut -c 38-64`; 
$lwsp = &Header::cleanhtml($lwsp,"y");
$lwdb = "$Lang::tr{'lw_database'}:";
} 

#Version der LW-Image-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/LW-Image.hdb" ){ 
$lwim = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep LW-Image.hdb |cut -c 38-65`; 
$lwim = &Header::cleanhtml($lwim,"y"); 
$lwdb = "$Lang::tr{'lw_database'}:"; 
} 

if ( ! $lwdb eq ''){
print "<br>";
print "<br><b>$lwdb</b>";
	if ( ! $lwsp eq ''){
		print "<br>$lwsp";
	}
	if ( ! $lwim eq ''){
		print "<br>$lwim";
	}
}

######### Securiteinfo Datenbanken ###########
#Version der vx-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/vx.hdb" ){ 
$sivx = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep vx.hdb |cut -c 38-65`; 
$sivx = &Header::cleanhtml($sivx,"y"); 
$sidb = "$Lang::tr{'securiteinfo_database'}:"; 
} 

#Version der Secureteinfo-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/securiteinfo.hdb" ){ 
$sisecinf = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep securiteinfo.hdb |cut -c 38-69`; 
$sisecinf = &Header::cleanhtml($sisecinf,"y"); 
$sidb = "$Lang::tr{'securiteinfo_database'}:"; 
} 

#Version der Honeynet-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/honeynet.hdb" ){ 
$sihon = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep honeynet.hdb |cut -c 38-65`; 
$sihon = &Header::cleanhtml($sihon,"y"); 
$sidb = "$Lang::tr{'securiteinfo_database'}:"; 
} 

#Version der Antispam-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/antispam.ndb" ){ 
$siasp = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep antispam.ndb |cut -c 38-65`; 
$siasp = &Header::cleanhtml($siasp,"y"); 
$sidb = "$Lang::tr{'securiteinfo_database'}:"; 
} 

if ( ! $sidb eq '' ){
print "<br>";
print "<br><b>$sidb</b>";
	if ( ! $sivx eq ''){
		print "<br>$sivx";
	}
	if ( ! $sisecinf eq ''){
		print "<br>$sisecinf";
	}
	if ( ! $sihon eq ''){
		print "<br>$sihon";
	}
	if ( ! $siasp eq ''){
		print "<br>$siasp";
	}
}

######### MalwarePatrol Datenbank ###########
#Version der Malware-Datenbank
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/mbl.ndb" ){ 
$mbl = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep mbl.ndb |cut -c 38-65`; 
$mbl = &Header::cleanhtml($mbl,"y"); 
print "<br>";
print "<br><b>$Lang::tr{'malware_database'}:</b>";
print "<br>$mbl\n"; 
} 

if ($copfiltersettings{'CLAMD_UPDATE_METHOD'} = "periodically") {
print "<br>";
print "<br>";
$output = `cat /var/log/copfilter/default/etc/clamd_counter`;
$output = $output + 5;
print "<b>$output</b>";
$output = $Lang::tr{'clamav_update'};
print "<b>$output</b>";
}

if ( -e "/var/log/copfilter/default/opt/clamav/virdb/mbl.ndb" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep mbl.ndb |cut -c 38-65`; 
} 
if ( -e "/var/log/copfilter/default/opt/clamav/virdb/mbl.ndb" ){ 
$output = `ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep inet.ndb |cut -c 38-65`; 
#$output = &Header::cleanhtml($output,"y"); 
} 

########### ClamAV ENDE ######################
Regards

Martin

Severus
Site Admin
Posts: 457
Joined: 10 Dec 2009 07:01
Location: Nürnberg - Germany

Re: Additional ClamAV signature files

Post by Severus » 07 Apr 2010 03:26

Hi tranrate,

this may occur when file size is growing or in some cases the format of date differs strongly from the one I use. This will never be preventable for any case.
The same code works like a charm on my machines. Guess this must be fixed by anybody for his own machine. :evil:
Nevertheless I will look on it. ;)

1st Edit:
Maybe the code

Code: Select all

`ls -la /var/log/copfilter/default/opt/clamav/virdb/ |grep xxx.xdb | sed 's/  */ /g' | cut -d " " -f 6-';
will do it for all sizes.
The *sed* command replaces all possible multiple spaces by a single space, so the space can be used as a delimiter and we can print column 6 and later.
I must do some tests if I can spare time.
Regards Severus

2nd Edit:

Tested. Seems to run smoothly. Published as new release.
BTW: with this release I reinstated the MSRBL file support to the mod. Though they have not been updated since a long time, everybody now can decide for himself if to use or not.

Severus

Severus
Site Admin
Posts: 457
Joined: 10 Dec 2009 07:01
Location: Nürnberg - Germany

Re: Additional ClamAV signature files

Post by Severus » 17 Apr 2010 20:27

Hi all,
the MSRBL signature files seem to be back.
Tody I got until now two updates:
Apr 17 07:40 MSRBL-Images.hdb
Apr 17 18:53 MSRBL-Images.hdb
Apr 18 02:53 MSRBL-Images.hdb
We'll see about that. ;)
Severus

Severus
Site Admin
Posts: 457
Joined: 10 Dec 2009 07:01
Location: Nürnberg - Germany

Re: Additional ClamAV signature files

Post by Severus » 18 Apr 2010 20:23

0.18.12 released.
some minor improvements to the GUI and language files for better visualization of the sigs.

Severus

Post Reply