Integrating ClamAV with PureFTPd in CentOS 5.4

In the following article TipsMake.com will introduce you how to integrate ClamAV application with PureFTPd to scan viruses in CentOS system platform 5.4

In the following article TipsMake.com will show you how to integrate ClamAV application with PureFTPd to scan viruses in CentOS system platform 5.4. When completed, any data that goes through PureFTPd, ClamAV will automatically check and delete if it detects suspicious signs .

Preliminary note

PureFTPd is installed and works well on CentOS 5.4 server system.

Install ClamAV

In fact, ClamAV is not available on CentOS repository, so we must enable RPMforge repository:

rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt

cd / tmp
wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
rpm -ivh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

Then proceed to install ClamAV as follows:

yum install clamav clamd

Next create the boot path for clamd and activate it at the same time:

chkconfig --levels 235 clamd on
/ usr / bin / freshclam

/etc/init.d/clamd start

Set up PureFTPd

First, open the /etc/pure-ftpd/pure-ftpd.conf file and set the CallUploadScript value to yes:

vi /etc/pure-ftpd/pure-ftpd.conf

[.]
# If pure-ftpd đã được biên dịch với pure-uploadscript support,
# sẽ sẽ tạo pure-ftpd ghi info về mới uploads big
# /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and
# spawn a script để xử lý việc đăng tải.

CallUploadScript yes
[.]

Then, create the file /etc/pure-ftpd/clamav_check.sh (with the function to call / usr / bin / clamdscan whenever data 'goes through PureFTPd'):

vi /etc/pure-ftpd/clamav_check.sh

#! / bin / sh
/ usr / bin / clamdscan --remove --quiet --no-summary "$ 1"

And assign executable properties to the application:

chmod 755 /etc/pure-ftpd/clamav_check.sh

Then, starting the pure-uploadscript program as a daemon application - the program will call the /etc/pure-ftpd/clamav_check.sh script whenever the data is downloaded via PureFTPd:

pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh

Besides, most people don't want to activate the daemon program every time they start the system, so do the following: open /etc/rc.local .:

vi /etc/rc.local

and add the following command line / usr / sbin / pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh. Examples are as follows:

#! / bin / sh
#
Số script này sẽ được thực hiện * sau * tất cả các phiên bản init khác.
# Bạn có thể đặt một tên của bạn đầu tiên thiết bị trong đây If bạn không
# want to do full sys V style init stuff.

/ usr / sbin / pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh
touch / var / lock / subsys / local

Then restart PureFTPd:

/etc/init.d/pure-ftpd restart

So, you have completed the integration of ClamAV security program with PureFTPd, and every time the data is transferred through here, ClamAV will work, review and automatically delete the suspected files infected.

Good luck!