same problem here :-(
the fault is in
if ($DD =~ /\n[\s|] (LINFECTED) (.*)\n/) {
I'm trying to probe some other lines. the sub-fprot looks nice for me.
If i have some news, i'll tell you
mandy
Peter Mikeska wrote:
Hi, I get also new AVP 5 , vith kavscaner its working I also try make it work with aveclient/server first of all, scanning with daemon version is about 5 time faster on single email second I make it work but I have lack of knowledge of perl ;(( so, I can get it through scanner, get back message that virus found, but dont know how parse avp status report, on reply message I get only ------------------------------- The virus was reported to be:
suspicioAAus ----------------- dont know which virii it was output of status in log is on last line (if are there more that one virii)
LINFECTED I-Worm.Avron.b Worm.Win32.Opasoft.e --
can pliz someone make better crunching of exit output, parsing lines .... ?
so here it is: (ugly version)
my avpbinary=aveclient ... sub avp_scanner { &debug("kasp: starting scan of directory \"$ENV{'TMPDIR'}\"..."); my ($start_avp_time)=[gettimeofday]; my ($avp_verbose,$DD,$avp_status,$stop_avp_time,$avp_time); $avp_verbose="" if ($DEBUG);
# here is change 1. &debug("run $avp_binary -p /var/run/aveserver -s $scandir/tmp/$file_id/* 2>&1"); $DD=`$avp_binary -p /var/run/aveserver -s $scandir/tmp/$file_id/* 2>&1`; $avp_status=($? >> 8); &debug("--output of avp was:\n$DD--"); if ( $avp_status > 0 ) {
# change 2. here i must add |4| it wont work without it
if ($avp_status =~ /^(0|4|5|20|21|25|8)$/) {
#This covers the potential viruses
$quarantine_description="suspicious";
if ($DD =~ /\n[\s|] (LINFECTED) (.*)\n/) {
$quarantine_description=$3;
} elsif ($DD =~ /\n[\s|](.*) (suspicion): (.*)\n/) {
#This covers the specific $destring='Suspicious file:';
$quarantine_description=$3;
}
&debug("There be a $destring! ($quarantine_description)");
($quarantine_event=$quarantine_description)=~s/\s/_/g;
$quarantine_event="AVP:".substr($quarantine_event,0,$QE_LEN);
} else {
&error_condition("corrupt or unknown Kaspersky scanner error or memory/resource/perms problems - exit status $avp_status");
}
}
$stop_avp_time=[gettimeofday];
$avp_time = tv_interval ($start_avp_time, $stop_avp_time);
&debug("\n kasp: finished scan of dir \"$ENV{'TMPDIR'}\" in $avp_time secs");
}
thnx in advance Miki
+-------V-------+ | Peter Mikeska | [EMAIL PROTECTED] | | A L C A T E L | | System Engineer | phone: +421 44 5206316 | +---------------+ | IT Services MadaCom | fax: +421 44 5206356 |
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
