[12/12] statusmail: Plugin for clamav
Commit Message
Signed-off-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk>
---
config/rootfiles/packages/clamav | 1 +
lfs/clamav | 2 +-
lfs/statusmail | 2 +-
src/statusmail/plugins/services_clamav.pm | 170 ++++++++++++++++++++++++++++++
4 files changed, 173 insertions(+), 2 deletions(-)
create mode 100644 src/statusmail/plugins/services_clamav.pm
@@ -49,3 +49,4 @@ var/ipfire/clamav/freshclam.conf.sample
var/lib/clamav
etc/rc.d/init.d/clamav
usr/local/bin/clamavctrl
+usr/lib/statusmail/plugins/services_clamav.pm
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
-PAK_VER = 44
+PAK_VER = 45
DEPS = ""
@@ -64,7 +64,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
install -v -m 0644 $(DIR_APP)/statusmail/plugins/system_status_services.pm /usr/lib/statusmail/plugins/
install -v -m 0644 $(DIR_APP)/statusmail/plugins/services_urlfilter.pm /usr/lib/statusmail/plugins/
install -v -m 0644 $(DIR_APP)/statusmail/plugins/services_intrusion_prevention_system.pm /usr/lib/statusmail/plugins/
-# install -v -m 0644 $(DIR_APP)/statusmail/plugins/services_clamav.pm /usr/lib/statusmail/plugins/
+ install -v -m 0644 $(DIR_APP)/statusmail/plugins/services_clamav.pm /usr/lib/statusmail/plugins/
install -v -m 0644 $(DIR_APP)/statusmail/plugins/services_ups_apc.pm /usr/lib/statusmail/plugins/
@rm -rf $(DIR_APP)
new file mode 100644
@@ -0,0 +1,170 @@
+#!/usr/bin/perl
+
+############################################################################
+# #
+# Send log and status emails for IPFire #
+# #
+# This is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2018 - 2019 The IPFire Team #
+# #
+############################################################################
+
+require "${General::swroot}/lang.pl";
+
+use strict;
+use warnings;
+
+package Services_Calmav;
+
+use Time::Local;
+
+############################################################################
+# BEGIN Block
+#
+# Register the log items available in this file
+############################################################################
+
+sub BEGIN
+{
+ main::add_mail_item( 'ident' => 'services-clamav-alerts',
+ 'section' => $Lang::tr{'services'},
+ 'subsection' => 'Clam AV',
+ 'item' => $Lang::tr{'statusmail ids alerts'},,
+ 'function' => \&alerts );
+
+ main::add_mail_item( 'ident' => 'services-clamav-updates',
+ 'section' => $Lang::tr{'services'},
+ 'subsection' => 'Clam AV',
+ 'item' => $Lang::tr{'updates'},
+ 'function' => \&updates );
+}
+
+############################################################################
+# Functions
+############################################################################
+
+sub get_log( $ );
+
+#------------------------------------------------------------------------------
+# sub get_log( this )
+#
+# Gets relevant information from the system log and caches it.
+#
+# Parameters:
+# this message object
+#
+# Returns:
+# reference to hash of wanted information
+#------------------------------------------------------------------------------
+
+sub get_log( $ )
+{
+ my ($this) = @_;
+
+ my $data = $this->cache( 'services-clamav' );
+ return $data if (defined $data);
+
+ my %info;
+ my $line;
+
+ while ($line = $this->get_message_log_line)
+ {
+ next unless ($line);
+ next unless ($line =~ m/clamd\[.*\]:|freshclam\[.*\]:/);
+
+ my ($time, $message) = $line =~ m/\w+\s+(\d+\s+\d+:\d+:\d+).*(?:clamd\[.*\]:|freshclam\[.*\]:) (.*)/;
+
+ if ($message =~ m/^.+?: (.*?) FOUND/i)
+ {
+ $info{viruses}{$1}++;
+ }
+ elsif ($message =~ m/^Database correctly reloaded \((\d+) (?:signatures|viruses)\)/i)
+ {
+ $info{rules} = $1;
+ $info{updates}++;
+ }
+ }
+
+ $this->cache( 'services-clamav', \%info );
+
+ return \%info;
+}
+
+#------------------------------------------------------------------------------
+# sub alerts( this, min_count )
+#
+# Outputs information on detected viruses etc.
+#
+# Parameters:
+# this message object
+# min_count only output information if it occurs at least this many times.
+#------------------------------------------------------------------------------
+
+sub alerts( $$ )
+{
+ my ($self, $min_count) = @_;
+ my @table;
+
+ use Sort::Naturally;
+
+ push @table, [ $Lang::tr{'statusmail ids alert'}, $Lang::tr{'count'} ];
+
+ my $info = get_log( $self );
+
+ foreach my $virus ( sort { $$info{viruses}{$b} <=> $$info{viruses}{$a} || $a cmp $b} keys %{ $$info{viruses} } )
+ {
+ push @table, [ $virus, $$info{viruses}{$virus} ];
+ }
+
+ if (@table > 1)
+ {
+ $self->add_table( @table );
+
+ return 1;
+ }
+
+ return 0;
+}
+
+#------------------------------------------------------------------------------
+# sub updates( this )
+#
+# Output information on ClamAV rule updates.
+#
+# Parameters:
+# this message object
+#------------------------------------------------------------------------------
+
+
+sub updates( $ )
+{
+ my ($self) = @_;
+ my @table;
+
+ my $info = get_log( $self );
+
+ if (exists $$info{rules})
+ {
+ $self->add_text( "$Lang::tr{'installed updates'} $$info{updates}\n" );
+ $self->add_text( "$Lang::tr{'statusmail signatures'} $$info{rules}\n" );
+
+ return 1;
+ }
+
+ return 0;
+}
+
+1;
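Review bot: `alerts` accepts `$min_count` and its header comment promises a threshold, but the `foreach` pushes every entry of `$$info{viruses}` regardless of count; add `next if defined $min_count and $$info{viruses}{$virus} < $min_count;` as the first statement of the loop. In `get_log`, `$message` is left undefined whenever the second, stricter pattern fails on a line that passed the first `clamd[...]`/`freshclam[...]` filter, so `next unless defined $message;` is needed before the `FOUND` test (and `$time` is captured but never used). The lazy `^.+?: (.*?) FOUND` stops at the first `: `, so a scanned file whose name contains `: ` ends up inside the reported signature name and from there in the status mail; file names are not trusted input, and matching from the end instead, e.g. `m/: (\S+) FOUND$/i`, keeps the capture to the signature token, assuming signature names contain no whitespace. Separately, `package Services_Calmav` looks like a typo for Clamav, and `use Sort::Naturally;` is loaded in `alerts` although the sort there only uses `<=>` and `cmp`.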