Date: Mon, 12 Nov 2001 12:20:58 +0200 From: "Konstantin Reznichenko" <kot@premierbank.dp.ua> To: <FreeBSD-gnats-submit@freebsd.org> Subject: ports/31926: New port security/drweb-qmail: Qmail message filter for virus processing through DrWeb daemon Message-ID: <001001c16b63$b8a10820$8802a8c0@premierbank.dp.ua>
next in thread | raw e-mail | index | archive | help
>Number: 31926
>Category: ports
>Synopsis: New port security/drweb-qmail: Qmail message filter for
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Nov 12 02:30:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: Konstantin Reznichenko
>Release: FreeBSD 4.2-RELEASE i386
>Organization:
PREMIERBANK
>Environment:
System: FreeBSD saturn.premierbank.dp.ua 4.2-RELEASE FreeBSD
4.2-RELEASE #7: Sun Oct 14 10:21:45 EEST 2001
toor@saturn.premierbank.dp.ua:/usr/src/sys/compile/SATURN i386
>Description:
Qmail message filter for virus processing through Qmail-Scanner and
DrWeb daemon (Qmail-Scanner: Email Scanning Harness for Qmail).
>How-To-Repeat:
Execute the following shar file.
>Fix:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# drweb-qmail
# drweb-qmail/files
# drweb-qmail/files/patch-aa
# drweb-qmail/Makefile
# drweb-qmail/distinfo
# drweb-qmail/pkg-comment
# drweb-qmail/pkg-descr
# drweb-qmail/pkg-plist
#
echo c - drweb-qmail
mkdir -p drweb-qmail > /dev/null 2>&1
echo c - drweb-qmail/files
mkdir -p drweb-qmail/files > /dev/null 2>&1
echo x - drweb-qmail/files/patch-aa
sed 's/^X//' >drweb-qmail/files/patch-aa <<
'END-of-drweb-qmail/files/patch-aa'
X--- configure.orig Thu Sep 6 02:11:26 2001
X+++ configure Sun Nov 11 18:01:40 2001
X@@ -341,6 +341,10 @@
X then
X INOCUCMD="${INOCUCMD:-$dir/inocucmd}"
X fi
X+ if test -x $dir/drweb_qmail.pl
X+ then
X+ DRWEB="${DRWEB:-$dir/drweb_qmail.pl}"
X+ fi
X if test -x $dir/find
X then
X FIND="${FIND:-$dir/find}"
X@@ -652,6 +656,12 @@
X SCANNER_ARRAY="$SCANNER_ARRAY,\"inocucmd\""
X fi
X
X+if [ "$DRWEB" != "" ]; then
X+ echo "drweb=$DRWEB"
X+ SCANNER_ARRAY="$SCANNER_ARRAY,\"drweb\""
X+fi
X+
X+
X USERNAME=${USERNAME:-$LOGNAME}
X
X SCANNER_ARRAY=`echo $SCANNER_ARRAY|sed 's/^,//g'`
X@@ -800,6 +810,7 @@
X s?AVPDAEMON?$AVPDAEMON?g;
X s?FSECURE?$FSECURE?g;
X s?INOCUCMD?$INOCUCMD?g;
X+s?DRWEB?$DRWEB?g;
X s?USERNAME?$USERNAME?g;
X s?FQDN?$FQDN?g;
X s?MAILDOMAIN?$MAILDOMAIN?g;
X--- qmail-scanner-queue.template.orig Fri Sep 7 01:12:20 2001
X+++ qmail-scanner-queue.template Wed Oct 17 17:29:37 2001
X@@ -166,6 +166,7 @@
X my $avpdaemon_binary='AVPDAEMON';
X my $fsecure_binary='FSECURE';
X my $inocucmd_binary='INOCUCMD';
X+my $drweb_binary='DRWEB';
X $ENV{'PATH'}='/bin:/usr/bin';
X
X my $SCANINFO='';
X--- sub-drweb.pl.orig Thu Jan 1 03:00:00 1970
X+++ sub-drweb.pl Wed Oct 17 17:33:36 2001
X@@ -0,0 +1,42 @@
X+sub drweb {
X+ # Call DrWeb Daemon Perl-Wrapper Client
X+ &debug("drweb: starting scan of directory \"$scandir/$file_id\"...");
X+ my ($drweb_verbose)="" if ($DEBUG);
X+ my ($start_drweb_time)=[gettimeofday];
X+ my ($DD,$drweb_status,$stop_drweb_time,$drweb_time);
X+ &debug("drweb: run $drweb_binary $scandir/$file_id");
X+ $DD = `perl $drweb_binary $scandir/$file_id`;
X+ $drweb_status = ($? >> 8);
X+ &debug("drweb: wrapper return code($drweb_status) and string:\n$DD");
X+ if( $drweb_status eq 1 ) {
X+ my @list = split(/\n/,$DD);
X+ $quarantine_description = '';
X+ foreach( @list ) {
X+ $quarantine_description .= "$_\n";
X+ $quarantine_event++;
X+ }
X+ &debug("drweb: Found a viruses:\n$quarantine_description");
X+ $description .= "\n--- drweb results ---\n$DD";
X+ }
X+ elsif( $drweb_status eq 2 ) {
X+ $quarantine_description = "possible contain a mailbomb";
X+ $quarantine_event=1;
X+ &debug("drweb: message possible contain a mailbomb");
X+ $description .= "\n--- drweb results ---\nmessage possible contain a
mailbomb";
X+ }
X+ elsif( $drweb_status eq 3 ) {
X+ $quarantine_description = "contain an unchecked objects";
X+ $quarantine_event=1;
X+ &debug("drweb: message possible contain an unchecked objects");
X+ $description .= "\n--- drweb results ---\nmessage contain an unchecked
objects";
X+ }
X+ elsif( $drweb_status eq 10 ) {
X+ &debug("drweb: message has not been checked - $DD");
X+ }
X+ elsif( $drweb_status > 0 ) {
X+ &tempfail("drweb: antivirus software failure");
X+ }
X+ my ($stop_drweb_time)=[gettimeofday];
X+ $drweb_time = tv_interval ($start_drweb_time, $stop_drweb_time);
X+ &debug("drweb: finished scan of dir \"$scandir/$file_id\" in $drweb_time
secs");
X+}
END-of-drweb-qmail/files/patch-aa
echo x - drweb-qmail/Makefile
sed 's/^X//' >drweb-qmail/Makefile << 'END-of-drweb-qmail/Makefile'
X# New ports collection makefile for: DrWeb_QMail
X# Date created: 9 November 2001
X# Whom: Konstantin Reznichenko <kot@premierbank.dp.ua>
X#
X# $FreeBSD$
X#
X
XPORTNAME= drweb_qmail
XPORTVERSION= 4.26c
XCATEGORIES= security mail
XMASTER_SITES= http://prdownloads.sourceforge.net/qmail-scanner/
XDISTNAME= qmail-scanner-1.01
XEXTRACT_SUFX= .tgz
X
XMAINTAINER= kot@premierbank.dp.ua
X
XDRWEBBASE= ${LOCALBASE}/drweb
XIS_INTERACTIVE= yes
X
XBUILD_DEPENDS= ${DRWEBBASE}/drwebd:${PORTSDIR}/security/drweb \
X ${PORTSDIR}/mail/qmail \
X ${PORTSDIR}/devel/p5-Time-HiRes \
X ${LOCALBASE}/bin/maildrop:${PORTSDIR}/mail/maildrop \
X ${LOCALBASE}/bin/tnef:${PORTSDIR}/converters/tnef
XRUN_DEPENDS= ${BUILD_DEPENDS}
X
XWRKSRC= ${WRKDIR}/${DISTNAME}
X
XCONFIGURE_ENV= PATH=${PATH}:${LOCALBASE}/drweb/clients/qmail
XNO_BUILD= yes
X
Xdo-install:
X cd ${DRWEBBASE}/clients/drwebdc && ./${CONFIGURE_SCRIPT} && ${MAKE}
X cd ${WRKSRC} && ${CONFIGURE_ENV} ./${CONFIGURE_SCRIPT} --install
X ${CHMOD} 4711 /usr/bin/suidperl
X
X.include <bsd.port.mk>
END-of-drweb-qmail/Makefile
echo x - drweb-qmail/distinfo
sed 's/^X//' >drweb-qmail/distinfo << 'END-of-drweb-qmail/distinfo'
XMD5 (qmail-scanner-1.01.tgz) = 82b92420eda64e18197f35dbbd0a8a3d
END-of-drweb-qmail/distinfo
echo x - drweb-qmail/pkg-comment
sed 's/^X//' >drweb-qmail/pkg-comment << 'END-of-drweb-qmail/pkg-comment'
XQmail message filter for virus processing through DrWeb daemon
END-of-drweb-qmail/pkg-comment
echo x - drweb-qmail/pkg-descr
sed 's/^X//' >drweb-qmail/pkg-descr << 'END-of-drweb-qmail/pkg-descr'
XQmail message filter for virus processing through Qmail-Scanner and
XDrWeb daemon (Qmail-Scanner: Email Scanning Harness for
Qmail).END-of-drweb-qmail/pkg-descr
echo x - drweb-qmail/pkg-plist
sed 's/^X//' >drweb-qmail/pkg-plist << 'END-of-drweb-qmail/pkg-plist'
X@cwd /usr/bin
X@exec chmod 4711 %D/suidperl
X@cwd /var/spool
X@exec mkdir -p %D/qmailscan/quarantine/cur
X@exec mkdir -p %D/qmailscan/quarantine/new
X@exec mkdir -p %D/qmailscan/quarantine/tmp
X@exec mkdir -p %D/qmailscan/working/cur
X@exec mkdir -p %D/qmailscan/working/new
X@exec mkdir -p %D/qmailscan/working/tmp
X@exec ln -s %D/qmailscan/quarantine %D/qmailscan/viruses
Xqmailscan/qmail-queue.log
Xqmailscan/qmail-scanner-queue-version.txt
Xqmailscan/quarantine-attachments.db
Xqmailscan/quarantine-attachments.txt
Xqmailscan/quarantine.log
X@exec ln -s %D/qmailscan/quarantine.log %D/qmailscan/viruses.log
X@dirrm qmailscan/quarantine/cur
X@dirrm qmailscan/quarantine/new
X@dirrm qmailscan/quarantine/tmp
X@dirrm qmailscan/quarantine
X@dirrm qmailscan/working/cur
X@dirrm qmailscan/working/new
X@dirrm qmailscan/working/tmp
X@dirrm qmailscan/working
X@unexec unlink /var/spool/qmailscan/viruses
X@unexec unlink /var/spool/qmailscan/viruses.log
X@dirrm qmailscan
END-of-drweb-qmail/pkg-plist
exit
>Release-Note:
>Audit-Trail:
>Unformatted:
virus processing through DrWeb daemon
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001001c16b63$b8a10820$8802a8c0>