4 # Copyright (c) 2007 Breach Security
6 # This script is an interface between ModSecurity and its
7 # ability to intercept files being uploaded through the
8 # web server, and ClamAV
11 $CLAMSCAN = "clamscan";
14 print "Usage: modsec-clamscan.pl <filename>\n";
18 my ($FILE) = shift @ARGV;
20 $cmd = "$CLAMSCAN --stdout --disable-summary $FILE";
25 $output = "0 Unable to parse clamscan output [$1]";
27 if ($error_message =~ m/: Empty file\.?$/) {
28 $output = "1 empty file";
30 elsif ($error_message =~ m/: (.+) ERROR$/) {
31 $output = "0 clamscan: $1";
33 elsif ($error_message =~ m/: (.+) FOUND$/) {
34 $output = "0 clamscan: $1";
36 elsif ($error_message =~ m/: OK$/) {
37 $output = "1 clamscan: OK";