首先让我说,clamd已被证明能够正确回应:
$ echo PING | nc -U /var/run/clamav/clamd.sock
PONG
扫描仪设置如下:
#set up a Clamav scanner
use File::VirusScan;
use File::VirusScan::ResultSet;
my $scanner = File::VirusScan->new({
engines => {
'-Daemon::ClamAV::Clamd' => {
socket_name => '/var/run/clamav/clamd.sock',
},
},
});
并且整个脚本在Solaris 11机箱上运行良好。我在Linux CentOS 5.3(最终版)上运行此操作我在从CPAN安装File :: VirusScan时遇到问题,最新版本0.102不会编译,CPAN测试人员似乎证实这是因为435失败了437.所以我从CPAN下载了prev 0.101版本,I版本也在Solaris中运行并且手动安装显然没问题
perl -v
This is perl, v5.8.8 built for x86_64-linux-thread-multi
sub scanner {
$|++; # buffer disabled
(my $path, my $logClean) = @_;
my $recurse = 5;
print color "yellow";
print "[i] Building file scan queue - recurse deepth $recurse \n";
print color "green";
print "SCAN QUEUE:0";
#Get list of files
if( $rootPath){
use File::Find::Rule;
my $finder = File::Find::Rule->maxdepth($recurse)->file->relative->start("$$path");
while( my $file = $finder->match() ){
$|++;
#$file = substr($file,length($rootPath)); #remove path bloat
push(@scanList,"/$file");
print "\rSCAN QUEUE:" .scalar(@scanList); #update screen
}
}else{
push(@scanList,"$$path");
}
print "\rSCANING:0";
#set up a Clamav scanner
use File::VirusScan;
use File::VirusScan::ResultSet;
my $scanner = File::VirusScan->new({
engines => {
'-Daemon::ClamAV::Clamd' => {
socket_name => '/var/run/clamav/clamd.sock',
},
},
});
#scan each file
my $scanning = 0;
my $complete = -1;
foreach $scanFile (@scanList){
$scanning++;
##################################################
#scan this file
$results = $scanner->scan($rootPath.$scanFile);
##################################################
#array of hashes
my $centDone = int(($scanning/scalar(@scanList))*100);
if($centDone > $complete){
$complete = $centDone;
}
if($centDone < 100){
#\r to clear/update line
$format = "%-9s %-60s %-15s %-5s";
printf $format, ("\rSCANING:", substr($scanFile,-50), "$scanning/".scalar(@scanList), "$centDone%");
}else{
print "\rSCAN COMPLETE ";
}
# array ref
foreach $result (@$results) {
#array of pointers to hashes
#print 'data:'
#print 'state:'
if($$result{state} ne "clean"){
if($$result{data} =~ /^Clamd returned error: 2/){
$$result{data} = "File too big to scan";
}
push(@scanResults,[$scanFile,$$result{state},$$result{data}]); # results
}elsif($$logClean){
push(@scanResults,[$scanFile,$$result{state},$$result{data}]);
}
unless($$result{state} eq "clean"){
print color "red";
print "\r$scanFile,$$result{state},$$result{data}\n";
print color "green";
print "\rSCANING: $scanning/".scalar(@scanList)." : $centDone%";
if($$result{state} eq "virus"){
push(@scanVirus,scalar(@scanResults)-1); #scanResuts index of virus
}elsif($$result{state} eq "error"){
push(@scanError,scalar(@scanResults)-1); #scanResuts index of Error
}
}
}
} print "\n";
}
答案 0 :(得分:1)
查看source code for the Clamd package以下脚本应该接近它正在尝试的呼叫,并希望能让您更好地了解它是如何失败的。尝试将其保存到单独的文件(如test.pl)并使用&#34; perl test.pl&#34;运行它:
use IO::Socket::UNIX;
use IO::Select;
my $socket_name = '/var/run/clamav/clamd.sock';
my $sock = IO::Socket::UNIX->new(Peer => $socket_name);
if(!defined($sock)) {
die("Couldn't create socket for path $socket_name");
}
my $s = IO::Select->new($sock);
if(!$s->can_write(5)) {
$sock->close;
die("Timeout waiting to write PING to clamd daemon at $socket_name");
}
if(!$sock->print("SESSION\nPING\n")) {
$sock->close;
die('Could not ping clamd');
}
if(!$sock->flush) {
$sock->close;
die('Could not flush clamd socket');
}
if(!$s->can_read($self->{5})) {
$sock->close;
die("Timeout reading from clamd daemon at $socket_name");
}
my $ping_response;
if(!$sock->sysread($ping_response, 256)) {
$sock->close;
die('Did not get ping response from clamd');
}
if(!defined $ping_response || $ping_response ne "PONG\n") {
$sock->close;
die("Unexpected response from clamd: $ping_response");
}
答案 1 :(得分:0)
看起来各种防病毒引擎需要与File :: VirusScan基本库分开安装。以下是否会返回错误?
perl -mFile::VirusScan::Engine::Daemon::ClamAV::Clamd -e ''
如果显示无法找到Clamd.pm的错误,则需要安装该引擎模块。
如果它没有显示错误,您需要发布更多详细信息,例如您实际用于执行扫描和/或错误输出的代码(如果有)。