mod clamav для proftpd У кого работает?

Andreyka:
А в логах антивируса что

Sun Jan 29 04:44:06 2012 -> SIGHUP caught: re-opening log file.
Sun Jan 29 14:04:09 2012 -> SelfCheck: Database status OK.
Sun Jan 29 14:14:09 2012 -> SelfCheck: Database status OK.
Sun Jan 29 14:21:29 2012 -> Waiting for all threads to finish
Sun Jan 29 14:21:29 2012 -> Shutting down the main socket.
Sun Jan 29 14:21:29 2012 -> Pid file removed.
Sun Jan 29 14:21:29 2012 -> --- Stopped at Sun Jan 29 14:21:29 2012
Sun Jan 29 14:21:29 2012 -> Closing the main socket.
Sun Jan 29 14:21:29 2012 -> +++ Started at Sun Jan 29 14:21:29 2012
Sun Jan 29 14:21:29 2012 -> clamd daemon 0.97.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Sun Jan 29 14:21:29 2012 -> Running as user root (UID 0, GID 0)
Sun Jan 29 14:21:29 2012 -> Log file size limited to -1 bytes.
Sun Jan 29 14:21:29 2012 -> Reading databases from /var/clamav
Sun Jan 29 14:21:29 2012 -> Not loading PUA signatures.
Sun Jan 29 14:21:29 2012 -> Bytecode: Security mode set to "TrustSigned".
Sun Jan 29 14:21:32 2012 -> Loaded 1121818 signatures.
Sun Jan 29 14:21:33 2012 -> TCP: Bound to address 127.0.0.1 on port 3310
Sun Jan 29 14:21:33 2012 -> TCP: Setting connection queue length to 30
Sun Jan 29 14:21:33 2012 -> LOCAL: Unix socket file /tmp/clamd
Sun Jan 29 14:21:33 2012 -> LOCAL: Setting connection queue length to 30
Sun Jan 29 14:21:33 2012 -> Limits: Global size limit set to 104857600 bytes.
Sun Jan 29 14:21:33 2012 -> Limits: File size limit set to 26214400 bytes.
Sun Jan 29 14:21:33 2012 -> Limits: Recursion level limit set to 16.
Sun Jan 29 14:21:33 2012 -> Limits: Files limit set to 10000.
Sun Jan 29 14:21:33 2012 -> Limits: Core-dump limit is 0.
Sun Jan 29 14:21:33 2012 -> Archive support enabled.
Sun Jan 29 14:21:33 2012 -> Algorithmic detection enabled.
Sun Jan 29 14:21:33 2012 -> Portable Executable support enabled.
Sun Jan 29 14:21:33 2012 -> ELF support enabled.
Sun Jan 29 14:21:33 2012 -> Detection of broken executables enabled.
Sun Jan 29 14:21:33 2012 -> Mail files support enabled.
Sun Jan 29 14:21:33 2012 -> OLE2 support enabled.
Sun Jan 29 14:21:33 2012 -> PDF support enabled.
Sun Jan 29 14:21:33 2012 -> HTML support enabled.
Sun Jan 29 14:21:33 2012 -> Self checking every 600 seconds.
Sun Jan 29 14:21:33 2012 -> Listening daemon: PID: 17526
Sun Jan 29 14:21:33 2012 -> MaxQueue set to: 100
Sun Jan 29 14:31:33 2012 -> No stats for Database check - forcing reload
Sun Jan 29 14:31:33 2012 -> Reading databases from /var/clamav
Sun Jan 29 14:31:36 2012 -> Database correctly reloaded (1121818 signatures)
Sun Jan 29 14:43:56 2012 -> SelfCheck: Database status OK.
Sun Jan 29 16:23:56 2012 -> SelfCheck: Database status OK.

даже пропускает wget http://www.eicar.org/download/eicar.com.txt

Himiko:
А что не должно пропускать подобное?

Andreyka:
Я не вижу в логах антивируса запроса от proftpd на проверку файла

clamd

Himiko:
Это демон, который вообще ничего не делает.
Запускаете clamscan - проверяет файлы.
Модуль для ftp - проверяет файлы, которые закачиваются.

А для wget модуля нет :)

cp mod_clamav-0.10/mod_clamav.* proftpd-1.3.4a/contrib
tar xzvf proftpd-mod-vroot-0.9.2.tar.gz
mv mod_vroot/mod_vroot.* proftpd-1.3.4a/contrib
mv mod_vroot/t/lib/ProFTPD/Tests/Modules/* proftpd-1.3.4a/tests/t/lib/ProFTPD/Tests/Modules
mv mod_vroot/t/Modules/* proftpd-1.3.4a/tests/t/Modules
cd proftpd-1.3.4a
patch -p1 < ../mod_clamav-0.10/proftpd.patch
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-modules=mod_readme:mod_auth_pam:mod_tls:mod_vroot:mod_clamav --with-shared=mod_quotatab:mod_quotatab_file:mod_quotatab_radius:mod_ban:mod_wrap:mod_ctrls_admin:mod_load:mod_radius:mod_ratio:mod_rewrite:mod_site_misc:mod_exec:mod_shaper:mod_facl:mod_tls_shmcache:mod_ifsession --enable-dso --enable-facl --enable-ipv6 --enable-openssl --enable-shadow --enable-nls --enable-ctrls
make
make install