diff --git a/net/clamav/Makefile b/net/clamav/Makefile new file mode 100644 index 000000000..a401e7493 --- /dev/null +++ b/net/clamav/Makefile @@ -0,0 +1,120 @@ +# +# Copyright (C) 2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=clamav +PKG_VERSION:=0.98.6 +PKG_RELEASE:=1 + +PKG_LICENSE:=GPL-2.0 +PKG_MAINTAINER:=Marko Ratkaj + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=http://downloads.sourceforge.net/project/clamav/clamav/$(PKG_VERSION)/ +PKG_MD5SUM:=7f4f7e82a09e42c4ebf153d6d452d9d8 + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/uclibc++.mk +include $(INCLUDE_DIR)/package.mk + +define Package/clamav/Default + SECTION:=net + DEPENDS:=+libpthread +uclibcxx +zlib +libcurl +libopenssl + CATEGORY:=Network + SUBMENU:=Web Servers/Proxies + TITLE:=ClamAV + URL:=http://www.clamav.net/ +endef + +define Package/clamav + $(call Package/clamav/Default) +endef + +define Package/freshclam + $(call Package/clamav/Default) + DEPENDS+= +clamav + TITLE+=database updater +endef + +define Package/clamav/description + ClamAV is an open source antivirus engine for detecting trojans, + viruses, malware & other malicious threats. +endef + +define Package/freshclam/description + Database updater for ClamAV +endef + +define Package/clamav/conffiles +endef + +CONFIGURE_VARS += \ + INCLUDES="" \ + CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \ + LIBS="-lpthread" \ + +define Build/Configure + $(call Build/Configure/Default, \ + --sysconfdir=/etc/clamav/ \ + --prefix=/usr/ \ + --exec-prefix=/usr/ \ + --disable-xml \ + --disable-bzip2 \ + --enable-ltdl-install \ + --with-user nobody \ + --with-group nogroup \ + ) +endef + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR) \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + all install +endef + +define Package/clamav/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamd $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamav-config $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clambc $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamconf $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamdscan $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamscan $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sigtool $(1)/usr/sbin/ + + $(INSTALL_DIR) $(1)/usr/include + $(CP) $(PKG_INSTALL_DIR)/usr/include/clamav.h $(1)/usr/include/ + + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib*/* $(1)/usr/lib/ + + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav + + $(INSTALL_DIR) $(1)/etc/init.d/ + $(INSTALL_BIN) ./files/clamav.init $(1)/etc/init.d/clamav + + $(INSTALL_DIR) $(1)/usr/share/clamav + $(CP) ./files/bytecode.cvd $(1)/usr/share/clamav/ +endef + +define Package/freshclam/install + $(INSTALL_DIR) $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/freshclam $(1)/usr/sbin/ + + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) ./files/freshclam.config $(1)/etc/config/freshclam + + $(INSTALL_DIR) $(1)/etc/init.d/ + $(INSTALL_BIN) ./files/freshclam.init $(1)/etc/init.d/freshclam +endef + +$(eval $(call BuildPackage,clamav)) +$(eval $(call BuildPackage,freshclam)) diff --git a/net/clamav/files/bytecode.cvd b/net/clamav/files/bytecode.cvd new file mode 100644 index 000000000..07ff8ab01 Binary files /dev/null and b/net/clamav/files/bytecode.cvd differ diff --git a/net/clamav/files/clamav.config b/net/clamav/files/clamav.config new file mode 100644 index 000000000..1543caa71 --- /dev/null +++ b/net/clamav/files/clamav.config @@ -0,0 +1,34 @@ +config clamav 'clamav' + option clamd_config_file '/etc/clamav/clamd.conf' + option LogFile '/tmp/clamd.log' + option LogFileMaxSize '1M' + option LogTime 'no' + option LogVerbose 'no' + option ExtendedDetectionInfo 'no' + option OfficialDatabaseOnly 'no' + option StreamMinPort '1024' + option StreamMaxPort '2048' + option MaxThreads '10' + option ReadTimeout '30' + option CommandReadTimeout '5' + option MaxDirectoryRecursion '15' + option FollowDirectorySymlinks 'no' + option FollowFileSymlinks 'no' + option SelfCheck '600' + option DetectPUA 'yes' + option ScanPE 'yes' + option DisableCertCheck 'no' + option ScanELF 'yes' + option DetectBrokenExecutables 'no' + option ScanOLE2 'yes' + option ScanPDF 'yes' + option ScanSWF 'yes' + option ScanMail 'yes' + option ScanPartialMessages 'no' + option ScanArchive 'yes' + option ArchiveBlockEncrypted 'yes' + option MaxFileSize '10M' + option TemporaryDirectory '/tmp' + option LocalSocket '/var/run/clamav/clamd.sock' + option User 'nobody' + option ExitOnOOM 'yes' diff --git a/net/clamav/files/clamav.init b/net/clamav/files/clamav.init new file mode 100644 index 000000000..b2a895019 --- /dev/null +++ b/net/clamav/files/clamav.init @@ -0,0 +1,116 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2015 OpenWrt.org + +START=90 +STOP=10 + +USE_PROCD=1 +PROG=/usr/sbin/clamd +CLAMD_CONFIGFILE="/tmp/clamav/clamd.conf" + +validate_clamav_section() { + uci_validate_section clamav clamav "${1}" \ + 'clamd_config_file:string' \ + 'LogFile:string' \ + 'LogFileMaxSize:string' \ + 'LogVerbose:string' \ + 'ExtendedDetectionInfo:string' \ + 'LogTime:string' \ + 'OfficialDatabaseOnly:string' \ + 'StreamMinPort:uinteger' \ + 'StreamMaxPort:uinteger' \ + 'MaxThreads:uinteger' \ + 'ReadTimeout:uinteger' \ + 'CommandReadTimeout:uinteger' \ + 'MaxDirectoryRecursion:uinteger' \ + 'FollowDirectorySymlinks:string' \ + 'FollowFileSymlinks:string' \ + 'SelfCheck:uinteger' \ + 'DetectPUA:string' \ + 'ScanPE:string' \ + 'DisableCertCheck:string' \ + 'ScanELF:string' \ + 'DetectBrokenExecutables:string' \ + 'ScanOLE2:string' \ + 'ScanPDF:string' \ + 'ScanSWF:string' \ + 'ScanMail:string' \ + 'ScanPartialMessages:string' \ + 'ScanArchive:string' \ + 'TemporaryDirectory:string' \ + 'ArchiveBlockEncrypted:string' \ + 'MaxFileSize:string' \ + 'LocalSocket:string' \ + 'User:string' \ + 'ExitOnOOM:string' +} + +start_service() { + local clamd_config_file LogFile LogTime StreamMinPort \ + StreamMaxPort MaxThreads ReadTimeout CommandReadTimeout MaxDirectoryRecursion \ + FollowFileSymlinks FollowDirectorySymlinks SelfCheck DetectPUA ScanPE DisableCertCheck \ + ScanELF DetectBrokenExecutables ScanOLE2 ScanPDF ScanSWF ScanMail ScanPartialMessages \ + ScanArchive TemporaryDirectory ArchiveBlockEncrypted MaxFileSize LocalSocket User + + validate_clamav_section clamav || { + echo "validation failed" + return 1 + } + + mkdir -p /usr/share/clamav + mkdir -p /etc/clamav/ + mkdir -p /var/run/clamav/ + chmod a+rw /var/run/clamav + + mkdir -p $(dirname $CLAMD_CONFIGFILE) + ln -sf $clamd_config_file $CLAMD_CONFIGFILE + + echo "LogFile " $LogFile > $CLAMD_CONFIGFILE + echo "LogFileMaxSize " $LogFileMaxSize >> $CLAMD_CONFIGFILE + echo "LogVerbose " $LogVerbose >> $CLAMD_CONFIGFILE + echo "ExtendedDetectionInfo " $ExtendedDetectionInfo >> $CLAMD_CONFIGFILE + echo "LogTime " $LogTime >> $CLAMD_CONFIGFILE + echo "OfficialDatabaseOnly " $OfficialDatabaseOnly >> $CLAMD_CONFIGFILE + echo "StreamMinPort " $StreamMinPort >> $CLAMD_CONFIGFILE + echo "StreamMaxPort " $StreamMaxPort >> $CLAMD_CONFIGFILE + echo "MaxThreads " $MaxThreads >> $CLAMD_CONFIGFILE + echo "ReadTimeout " $ReadTimeout >> $CLAMD_CONFIGFILE + echo "CommandReadTimeout " $CommandReadTimeout >> $CLAMD_CONFIGFILE + echo "MaxDirectoryRecursion " $MaxDirectoryRecursion >> $CLAMD_CONFIGFILE + echo "FollowDirectorySymlinks " $FollowDirectorySymlinks >> $CLAMD_CONFIGFILE + echo "FollowFileSymlinks " $FollowFileSymlinks >> $CLAMD_CONFIGFILE + echo "SelfCheck " $SelfCheck >> $CLAMD_CONFIGFILE + echo "DetectPUA " $DetectPUA >> $CLAMD_CONFIGFILE + echo "ScanPE " $ScanPE >> $CLAMD_CONFIGFILE + echo "DisableCertCheck " $DisableCertCheck >> $CLAMD_CONFIGFILE + echo "ScanELF " $ScanELF >> $CLAMD_CONFIGFILE + echo "DetectBrokenExecutables " $DetectBrokenExecutables >> $CLAMD_CONFIGFILE + echo "ScanOLE2 " $ScanOLE2 >> $CLAMD_CONFIGFILE + echo "ScanPDF " $ScanPDF >> $CLAMD_CONFIGFILE + echo "ScanSWF " $ScanSWF >> $CLAMD_CONFIGFILE + echo "ScanMail " $ScanMail >> $CLAMD_CONFIGFILE + echo "ScanPartialMessages " $ScanPartialMessages >> $CLAMD_CONFIGFILE + echo "ScanArchive " $ScanArchive >> $CLAMD_CONFIGFILE + echo "TemporaryDirectory " $TemporaryDirectory >> $CLAMD_CONFIGFILE + echo "ArchiveBlockEncrypted " $ArchiveBlockEncrypted >> $CLAMD_CONFIGFILE + echo "MaxFileSize " $MaxFileSize >> $CLAMD_CONFIGFILE + echo "LocalSocket " $LocalSocket >> $CLAMD_CONFIGFILE + echo "User " $User >> $CLAMD_CONFIGFILE + echo "ExitOnOOM " $ExitOnOOM >> $CLAMD_CONFIGFILE + + procd_open_instance + procd_set_param command $PROG -c $CLAMD_CONFIGFILE + procd_set_param file $CLAMD_CONFIGFILE + procd_close_instance +} + +stop_service() +{ + service_stop ${PROG} +} + +service_triggers() +{ + procd_add_reload_trigger "clamav" + procd_add_validation validate_clamav_section +} diff --git a/net/clamav/files/freshclam.config b/net/clamav/files/freshclam.config new file mode 100644 index 000000000..827e8dd95 --- /dev/null +++ b/net/clamav/files/freshclam.config @@ -0,0 +1,7 @@ +config freshclam 'freshclam' + option freshclam_config_file '/etc/clamav/freshclam.conf' + option UpdateLogFile '/tmp/freshclam.log' + option DatabaseMirror 'database.clamav.net' + option NotifyClamd '/etc/clamav/clamd.conf' + option DatabaseOwner 'root' + option CompressLocalDatabase 'yes' diff --git a/net/clamav/files/freshclam.init b/net/clamav/files/freshclam.init new file mode 100644 index 000000000..37b276729 --- /dev/null +++ b/net/clamav/files/freshclam.init @@ -0,0 +1,63 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2015 OpenWrt.org + +START=90 +STOP=10 + +USE_PROCD=1 +PROG=/usr/sbin/freshclam +FRESHCLAM_CONFIGFILE="/tmp/clamav/freshclam.conf" + +validate_freshclam_section() { + uci_validate_section freshclam freshclam "${1}" \ + 'freshclam_config_file:string' \ + 'UpdateLogFile:string' \ + 'DatabaseMirror:string' \ + 'NotifyClamd:string' \ + 'DatabaseOwner:string' \ + 'CompressLocalDatabase:string:' +} + +start_service() { + local freshclam_config_file UpdateLogFile DatabaseOwner NotifyClamd DatabaseMirror + + validate_freshclam_section freshclam || { + echo "validation failed" + return 1 + } + + [ -f /tmp/freshclam.pid ] && echo "already running" && return 0 + + mkdir -p /usr/share/clamav + mkdir -p /etc/clamav + touch /tmp/freshclam.log + touch /tmp/freshclam.pid + + mkdir -p $(dirname $FRESHCLAM_CONFIGFILE) + ln -sf $freshclam_config_file $FRESHCLAM_CONFIGFILE + + echo "UpdateLogFile " $UpdateLogFile > $FRESHCLAM_CONFIGFILE + echo "DatabaseMirror " $DatabaseMirror >> $FRESHCLAM_CONFIGFILE + echo "NotifyClamd " $NotifyClamd >> $FRESHCLAM_CONFIGFILE + echo "DatabaseOwner " $DatabaseOwner >> $FRESHCLAM_CONFIGFILE + echo "CompressLocalDatabase " $CompressLocalDatabase >> $FRESHCLAM_CONFIGFILE + + procd_open_instance + procd_set_param command $PROG -d --config-file=$FRESHCLAM_CONFIGFILE -p /tmp/freshclam.pid --no-warnings + procd_set_param file $FRESHCLAM_CONFIGFILE + procd_close_instance +} + +stop_service() +{ + [ ! -f /tmp/freshclam.pid ] && echo "not running" && return 0 + PID=`cat /tmp/freshclam.pid` + kill $PID + rm -f /tmp/freshclam.pid +} + +service_triggers() +{ + procd_add_reload_trigger "freshclam" + procd_add_validation validate_freshclam_section +} diff --git a/net/clamav/patches/001-compile.patch b/net/clamav/patches/001-compile.patch new file mode 100644 index 000000000..399225708 --- /dev/null +++ b/net/clamav/patches/001-compile.patch @@ -0,0 +1,10 @@ +--- a/clamdscan/proto.c ++++ b/clamdscan/proto.c +@@ -55,6 +55,7 @@ + #include "shared/misc.h" + #include "shared/clamdcom.h" + ++#include + #include "proto.h" + #include "client.h" +