small change in output in upcoming version of F-Prot 4.x

Fri Jan 24 17:27:54 GMT 2003

Thanks for that.
Please can you check that this patch works okay with F-Prot 4 (and 3 if
possible).

--- /usr/lib/MailScanner/SweepViruses.pm        Sun Jan 19 16:42:28 2003
+++ SweepViruses.pm     Fri Jan 24 18:40:36 2003
@@ -952,8 +952,15 @@

    chomp $line;

-  # Lose cruft
-  return 0 if $fprot_InCruft > 0;
+  # Look for the "Program version: 4...." line which shows we are running
+  # version 4 and therefore have different headers at the start of the
+  # scan output.
+  if ($fprot_InCruft==2 && $line =~ /program\s+version:\s*4/i) {
+    $fprot_InCruft -= 1;
+    return 0;
+  }
+  return 0 if $fprot_InCruft > 0; # Return if we are still in headers
+  # One header paragraph has finished, count it
    if ($line eq "") {
      $fprot_InCruft += 1;
      return 0;

At 17:14 24/01/2003, you wrote:
> >
> > Can you mail me the start of the output of something like
> >          cd /tmp
> >          /opt/MailScanner/lib/f-prot-wrapper -old -archive -dumb .
> > with some viruses in files in /tmp.
> >
> > I need to be able to spot which version is running and make the code handle
> > both versions.
>
>
>Sorry... been pretty busy today... but here it is...
>
>
>
>root at vx-m:/cluster/mail/quarantine/20030124>/opt/MailScanner/lib/f-prot-wrapper
>
>-old -archive -dumb .
>Virus scanning report  -  24 January 2003 @ 17:15
>
>F-PROT ANTIVIRUS
>Program version: 4.0.0b1
>Engine version: 3.12.8
>
>VIRUS SIGNATURE FILES
>SIGN.DEF created 18 January 2003
>SIGN2.DEF created 20 January 2003
>MACRO.DEF created 20 January 2003
>
>Search: .
>Action: Report only
>Files: "Dumb" scan of all files
>Switches: -ARCHIVE -OLD
>
>/cluster/mail/quarantine/20030124/h0O0ARwO021738/funny.scr  Infection:
>W32/Lentin.H at mm
>/cluster/mail/quarantine/20030124/h0O0AnwO024098/love.scr  Infection:
>W32/Lentin.H at mm
>/cluster/mail/quarantine/20030124/h0O0B9wO024132/love.scr  Infection:
>W32/Lentin.H at mm
>/cluster/mail/quarantine/20030124/h0O0BJwO030710/funny.scr  Infection:
>W32/Lentin.H at mm
>/cluster/mail/quarantine/20030124/h0O0BVwO037270/Be_Happy.scr  Infection:
>W32/Lentin.H at mm
>/cluster/mail/quarantine/20030124/h0O0CrwO038500/setup.exe  Infection:
>W32/Klez.H at mm
>/cluster/mail/quarantine/20030124/h0O0DmwO048384/love.scr  Infection:
>W32/Lentin.H at mm
>/cluster/mail/quarantine/20030124/h0O0EOwO045570/hotmail_hack.exe  Infection:
>W32/Lentin.H at mm
>/cluster/mail/quarantine/20030124/h0O0J1wO042762/dfh0O0J1wO042762->content.scr
>
>Infection: W32/Klez.H at mm

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support

