In <[email protected]>, Boyd Stephen Smith Jr. wrote:
>In <[email protected]>, Graeme Fowler wrote:
>>On Thu, 2009-05-28 at 21:32 -0500, Boyd Stephen Smith Jr. wrote:
>>> Notice that the port varies, for some reason.
>>
>>That's in response to the ClamAV API STREAM command, which is used for
>>TCP connections to the scanning daemon. You make a connection and then
>>this happens:
>>
>>Client: STREAM
>>Server: PORT 12345
>>
>>The client then opens a connection to port 12345 and streams the message
>>down it for ClamAV to scan.
>
>That is unfortunate. Is there any way to restrict ClamAV to only one port
>for that? Or possibly an iptables conntrack helper to load?

This got me looking in the right direction. You can control which ports this
secondary connection is on through the simple use of clamd.conf. Specifically,
the StreamMinPort and StreamMaxPort options.

This might not even be an issue in the future, since the INSTREAM command is
supported by modern clamd.

Thanks for the help; sorry for the noise.
-- 
Boyd Stephen Smith Jr.            ,= ,-_-. =.
[email protected]             ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy  `-'(. .)`-'
http://iguanasuicide.net/             \_/

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
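
An added example, not part of the original message and not ClamAV's own code: a minimal Python client for the INSTREAM command mentioned above, which sends the data as length-prefixed chunks on the same connection as the command, so only the clamd listening port needs a firewall rule. The host, port 3310, chunk size and function names are assumptions for illustration.

```python
import socket
import struct

CHUNK = 8192  # assumed chunk size; total sent must stay under clamd's StreamMaxLength


def instream_frames(data, chunk_size=CHUNK):
    """Yield every byte string an INSTREAM session writes to the single connection."""
    yield b"zINSTREAM\0"                      # 'z' prefix: NUL-terminated command
    for off in range(0, len(data), chunk_size):
        chunk = data[off:off + chunk_size]
        # Each chunk is a 4-byte big-endian length followed by the data.
        yield struct.pack("!I", len(chunk)) + chunk
    yield struct.pack("!I", 0)                # zero-length chunk ends the stream


def parse_reply(raw):
    """Return (clean, signature) from a reply such as b'stream: OK\\0'."""
    text = raw.rstrip(b"\0\n").decode("ascii", "replace")
    _, _, verdict = text.partition(": ")
    if verdict == "OK":
        return True, ""
    if verdict.endswith(" FOUND"):
        return False, verdict[:-len(" FOUND")]
    # Anything else (e.g. a size-limit error) must not be treated as clean.
    raise ValueError("clamd error: " + text)


def scan(data, host="127.0.0.1", port=3310, timeout=30):
    """Scan bytes over one TCP connection; host and port are assumed defaults."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        for frame in instream_frames(data):
            s.sendall(frame)
        buf = b""
        while not buf.endswith(b"\0"):
            part = s.recv(4096)
            if not part:                      # clamd closed the connection
                break
            buf += part
    return parse_reply(buf)
```
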
