security/antivir-milter won't start correctly
Martin P. Hellwig
mhellwig at xs4all.nl
Fri Feb 27 07:45:02 PST 2004
Marius Strobl wrote:
>This is a known problem, also to the vendor, see:
>www.free-av.de/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=20&t=000089
>(mainly in German, but also some English).
>I'm not aware of a reliable workaround and as this is a binary port
>there's unfortunately not that much that can be done in the port about
>it.
>
>
>
I've got a workaround :-), check the attachment for more info.
But I'm curious if this also works on other machines than my own.
I will post it on their forum too.
Kind regards,
Martin P. Hellwig
-------------- next part --------------
#! /bin/sh
#################################################################################################################################
#Scriptversion 0.05 %2004-02-27:M.P.Hellwig%
#
# This script is targeted at FreeBSD 5.x (built and tested on current cvsup build 2004 FEB 23 14:55)
# It is based upon the script from the port /security/antivir-milter by marius at alchemy.franken.de and the original scripts from
# H+BEDV Datentechnik GmbH, a German company which owns, builds, maintains and sells AntiVir.
# The reason I built this script was to debug the odd behaviour that the socket seems to be only created if the script was run
# after boot time.
# I discovered with the help of this script that the socket actually is created at boot time but is deleted after the boot shell
# detaches from the script. This script runs the start in the background which seems to resolve that behaviour.
# WARNING!
# I assumed in this script that all files which are needed by the binaries avmilter and antivir are in one and the same directory
# and that sendmail is the default installation configured at /etc/mail/.
# The default port installation places the antivir.conf and the avmilter.conf in /usr/local/etc and the other files in
# /usr/local/AntiVir (notice the capitalization), I advise to put all files in /usr/local/AntiVir and create a symbolic link back
# if you really can't get used to the place of the configuration files, overwrite the original rc.d script with this one.
#
# With this said, it remains for me to point out that there are some variables to set; just keep reading on, it explains itself, I hope.
# Also be sure to adapt the AntiVir configuration files too, if done adapting those files and this script you can run this script
# with the options "vars" and "test" to look for the obvious errors.
# The option "status" checks if there is a PID and a socket; do use "update" often and regularly for obvious reasons.
# If you still have to configure sendmail check out the option "mc" which is by the way the recommended way to configure sendmail.
# However the option "cf" provided is for the easy way out.
# For both ways of configuring be careful, you can wipe your entire sendmail config with a single "clicker-de-click-click"
#################################################################################################################################
# DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER
#################################################################################################################################
# Which reminds me to remind you that I'm not responsible if this script ruins your sendmail/server/day/job/life/etc. etc.
# And by the way I am NOT associated with H+BEDV Datentechnik GmbH in any way, neither with FreeBSD, just a happy user.
#
# like always, have fun!
#
# Martin P. Hellwig
# mhellwig at xs4all.nl (private)
# martin at huygenslyceum dot nl (work, didn't receive too much spam, wanna keep it that way)
#################################################################################################################################
# set the variables (those values between " and " )
# NAME is set to whatever you want to see in the messages
# AVMSBINPATH should be set to where the avmilter binary is, do the same for ANTIVIRBIN
# the only reason I need to know the location of ANTIVIRBIN is to support update in this script
#################################################################################################################################
NAME="antivir-milter"; export NAME
AVMSBINPATH="/usr/local/sbin/avmilter"; export AVMSBINPATH
ANTIVIRBIN="/usr/local/AntiVir/antivir"; export ANTIVIRBIN
#################################################################################################################################
# these variables are all about what you fill in after "PATH/avmilter -C ..."
#################################################################################################################################
AVCONFPATH="/usr/local/AntiVir"; export AVCONFPATH
AVMINCFILE="avmilter.conf"; export AVMINCFILE
#################################################################################################################################
# this variable is all about what you fill in after "PATH/antivir -C ..."
# if you didn't know, the antivir binary is a CLI file scan console which can also be used to scan files on your drives,
# if you did know well sorry then
#################################################################################################################################
ANTIVIRCONF="/usr/local/AntiVir/antivir.conf"; export ANTIVIRCONF
#################################################################################################################################
# these variables are quite important because they dictate your socket which is used to communicate with sendmail,
# (FWIK) there are 2 options for AVMINP (local|inet) and depending on what you choose the other variables are set accordingly
# ##############################################################################################################################
# if you choose (local) then SOCKHOSTPATH must be set to the directory where you place the sock and
# SOCKNAMEPORT must be set to the file name, DO NOT fill in trailing slash in SOCKHOSTPATH or a beginning slash at SOCKNAMEPORT
# ##############################################################################################################################
# if you choose (inet) then SOCKHOSTPATH should be set to the name of the system, filling in "localhost" is probably the best
# option, SOCKNAMEPORT is set to the port, for some reason H+BEDV uses port number 3333 in their scripts, another best option
#################################################################################################################################
AVMINP="local"; export AVMINP
SOCKHOSTPATH="/usr/local/AntiVir"; export SOCKHOSTPATH
SOCKNAMEPORT="avmilter.sock"; export SOCKNAMEPORT
#################################################################################################################################
# if you wish you can stop now and save the changes, only silly jokes and internal stuff following
# don't change things after this line, except if you know what you're doing (that excludes me)
#################################################################################################################################
#################################################################################################################################
AVKEY="hbedv.key"; export AVKEY
AVVDF="antivir.vdf"; export AVVDF
#################################################################################################################################
# internal variables, if you're still reading I figure you can figure out yourself what the variables do
#################################################################################################################################
AVMINC="$AVCONFPATH/$AVMINCFILE"; export AVMINC
AVKEYP="$AVCONFPATH"/"$AVKEY"; export AVKEYP
AVVDFP="$AVCONFPATH"/"$AVVDF"; export AVVDFP
# pause in seconds between kill attempts in "killAvmilter"
SLEEPK="2"; export SLEEPK
#################################################################################################################################
# even some more internal variables, but the export variable depends on what type of socket port you wish to use
#################################################################################################################################
case "$AVMINP" in
local)
AVSOCK="$AVMINP:$SOCKHOSTPATH/$SOCKNAMEPORT"; export AVSOCK
SOCKPATH="$SOCKHOSTPATH/$SOCKNAMEPORT"; export SOCKPATH
;;
inet)
AVSOCK="$AVMINP:$SOCKNAMEPORT@$SOCKHOSTPATH"; export AVSOCK
;;
*)
echo "WARNING port type not correctly defined, Usage: {local|inet}"
exit 1
esac
#################################################################################################################################
# exporting the full avmilter start command because I'm too lazy to type it
#################################################################################################################################
STARTAV="$AVMSBINPATH -C $AVMINC -p $AVSOCK"; export STARTAV
AVUPBIN="$ANTIVIRBIN -C $ANTIVIRCONF"; export AVUPBIN
#################################################################################################################################
# this variable is set to test if avmilter is running already, variable will be refreshed at "killAvmilter" where it loops with
# a pause (SLEEPK) till all instances of avmilter are dead, this could result in an infinite loop if avmilter doesn't die
#################################################################################################################################
AVPIDX=`ps -axw | grep -v "grep" | grep "$AVMSBINPATH"`X; export AVPIDX
#################################################################################################################################
# and here starts the actual script
#################################################################################################################################
#################################################################################################################################
case "$1" in
start)
echo -n $NAME && "$0" silentStart &
;;
stop)
echo "Stopping "$NAME
"$0" silentStop
;;
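restart)
echo $NAME "restart "
# stop the running milter first, then start it again and report
"$0" silentStop
"$0" silentStart && "$0" status
;;
update)
$AVUPBIN --update
;;
silentStart)
# do not start the milter when the pre-start check fails
"$0" nonVerboseTest || exit 1
#"$0" silentStop
$STARTAV
;;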
silentStop)
"$0" killAvmilter
"$0" removeSocket
;;
status)
case "$AVPIDX" in
X) echo "WARNING "$NAME" is not started "
exit 1
;;
*) echo $NAME "is running"
case "$AVMINP" in
local)
echo "Socket type is configured as "$AVSOCK
if [ -S "$SOCKPATH" ]
then
echo "Socket was created successfully! "
exit 0
else
echo "WARNING! no socket found!"
exit 1
fi
;;
inet)
echo "Socket type is configured as a network socket at "$AVSOCK
NETSOCKTEST=`netstat -f inet -p tcp -n | grep $SOCKNAMEPORT`X; export NETSOCKTEST
case $NETSOCKTEST in
X)
echo "WARNING! no socket found!"
exit 1
;;
*)
echo "Socket was created successfully! "
exit 0
esac
;;
*)
echo "WARNING port type not correctly defined, Usage: {local|inet}"
exit 1
esac
;;
esac
;;
vars)
echo
echo " NAME= "$NAME
echo "AVMSBINPATH= "$AVMSBINPATH
echo " ANTIVIRBIN= "$ANTIVIRBIN
echo "ANTIVIRCONF= "$ANTIVIRCONF
echo " AVMINC= "$AVMINC
echo " AVSOCK= "$AVSOCK
echo " AVKEYP= "$AVKEYP
echo " AVVDFP= "$AVVDFP
echo " STARTAV= "$STARTAV
echo " AVUPBIN= "$AVUPBIN
exit 0
;;
test)
TESTFAILURE="EMPTY"; export TESTFAILURE
echo
echo "####### AntiVir Checklist ####################################################"
if [ -x $AVMSBINPATH ]
then echo "Milter binary is in the path and is executable----------------------------[OK]"
else echo "Milter binary is in the path and is executable-----------------------[FAILURE]"
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ -x $ANTIVIRBIN ]
then echo "Scanner binary is in the path and is executable---------------------------[OK]"
else echo "Scanner binary is in the path and is executable----------------------[FAILURE]"
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ -f $AVMINC ]
then echo "Milter configuration file exists -----------------------------------------[OK]"
else echo "Milter configuration file exists ------------------------------------[FAILURE]"
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ -f $ANTIVIRCONF ]
then echo "Scanner configuration file exists ----------------------------------------[OK]"
else echo "Scanner configuration file exists -----------------------------------[FAILURE]"
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ -e $AVKEYP ]
then echo "License key exists -------------------------------------------------------[OK]"
else echo "License key exists --------------------------------------------------[FAILURE]"
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ -e $AVVDFP ]
then echo "Antivirus definition file exists -----------------------------------------[OK]"
else echo "Antivirus definition file exists ------------------------------------[FAILURE]"
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ $TESTFAILURE = "FAILED" ]
then echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
echo "!---------------- Test FAILED check your configuration ----------------------!"
echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
exit 1
else echo "##############################################################################"
echo "Files appear to exist as set in this script, so the test is successful :-)    "
echo " But remember this test is far from complete! "
echo "##############################################################################"
exit 0
fi
;;
nonVerboseTest)
# same checks as "test", but silent unless something is missing
TESTFAILURE="EMPTY"; export TESTFAILURE
if [ ! -x "$AVMSBINPATH" ]
then
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ ! -x "$ANTIVIRBIN" ]
then
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ ! -f "$AVMINC" ]
then
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ ! -f "$ANTIVIRCONF" ]
then
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ ! -e "$AVKEYP" ]
then
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ ! -e "$AVVDFP" ]
then
TESTFAILURE="FAILED"; export TESTFAILURE
fi
if [ "$TESTFAILURE" = "FAILED" ]
then echo "Pre-start AntiVir checkup failed, AntiVir milter failed to start, run test"
exit 1
fi
;;
removeSocket)
case "$AVMINP" in
local)
# AVSOCK carries the "local:" prefix, so test and remove the plain path
if [ -S "$SOCKPATH" ]
then
rm -f "$SOCKPATH"
fi
;;
*)
;;
esac
;;
killAvmilter)
case "$AVPIDX" in
X)
;;
*)
until test "$AVPIDX" = "X"
do
killall avmilter
sleep $SLEEPK
AVPIDX=`ps -axw | grep -v "grep" | grep "$AVMSBINPATH"`X; export AVPIDX
done
esac
;;
mc)
case "$AVMINP" in
local)
echo
echo "INPUT_MAIL_FILTER(\`$NAME', \`S=unix:$SOCKPATH, F=T, T=S:10m;R:10m;E:5m')"
echo
echo "# put the above line (it's only _one_single_ line, don't spread it)"
echo "# in your /etc/mail/"`hostname`".mc"
echo "# execute \"make cf\" in /etc/mail/ "
echo "# then \"cp /etc/mail/"`hostname`".cf /etc/mail/sendmail.cf\""
echo "# if you can't find /etc/mail/"`hostname`".mc then "
echo "# read /etc/mail/README first do the thing it says and return"
;;
inet)
echo
echo "INPUT_MAIL_FILTER(\`$NAME', \`S=$AVSOCK, F=T, T=S:10m;R:10m;E:5m')"
echo
echo "# put the above line (it's only _one_single_ line, don't spread it)"
echo "# in your /etc/mail/"`hostname`".mc"
echo "# execute \"make cf\" in /etc/mail/ "
echo "# then \"cp /etc/mail/"`hostname`".cf /etc/mail/sendmail.cf\""
echo "# if you can't find /etc/mail/"`hostname`".mc then "
echo "# read /etc/mail/README first do the thing it says and return"
;;
*)
esac
;;
cf)
case "$AVMINP" in
local)
echo
echo "O InputMailFilters=$NAME"
echo "X"$NAME", S=unix:$SOCKPATH, F=T, T=S:10m;R:10m;E:5m"
echo
echo "# put the above 2 lines (only 2 single lines, don't spread it)"
echo "# in your /etc/mail/sendmail.cf and then restart sendmail"
;;
inet)
echo
echo "O InputMailFilters=$NAME"
echo "X"$NAME", S=$AVSOCK, F=T, T=S:10m;R:10m;E:5m"
echo
echo "# put the above 2 lines (only 2 single lines, don't spread it)"
echo "# in your /etc/mail/sendmail.cf and then restart sendmail"
;;
*)
esac
;;
*)
echo "Usage: `basename $0` {start|stop|restart|update|status|vars|test|mc|cf}" >&2
exit 1
esac
exit 0
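
The script's comment on AVPIDX notes that the "killAvmilter" loop can run forever if avmilter does not die. The following is an added example, not part of the original attachment, of a bounded stop: TERM, a timed wait, then KILL, returning failure instead of looping. The function names and default timeouts are assumptions, and the caller supplies the PIDs.

```shell
#!/bin/sh
# Added example (not from the original script): bounded replacement for an
# "until ...; do killall ...; sleep ...; done" loop.

# process_alive PID -> 0 while the PID still exists. Assumes the caller is
# allowed to signal it (rc scripts run as root); a permission error would
# read as "gone" here.
process_alive() {
    kill -0 "$1" 2>/dev/null
}

# stop_pid PID [TERM_WAIT] [KILL_WAIT]
# Sends TERM and polls once a second for TERM_WAIT seconds, then escalates
# to KILL and polls for KILL_WAIT seconds. Returns 0 when the process is
# gone and 1 if it outlives both signals, so the caller never hangs.
stop_pid() {
    sp_pid=$1
    for sp_step in "TERM:${2:-10}" "KILL:${3:-5}"; do
        sp_sig=${sp_step%%:*}      # signal name before the colon
        sp_left=${sp_step##*:}     # seconds to wait after sending it
        process_alive "$sp_pid" || return 0
        kill -s "$sp_sig" "$sp_pid" 2>/dev/null || true
        while [ "$sp_left" -gt 0 ]; do
            sleep 1
            process_alive "$sp_pid" || return 0
            sp_left=$((sp_left - 1))
        done
    done
    return 1
}

# stop_all PID... -> 0 only if every listed process exited.
stop_all() {
    sa_rc=0
    for sa_pid in "$@"; do
        stop_pid "$sa_pid" || {
            echo "PID $sa_pid did not exit" >&2
            sa_rc=1
        }
    done
    return "$sa_rc"
}
```

A stop action built on this can remove the socket only after `stop_all` returns 0, and exit non-zero otherwise so the boot sequence reports the failure.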