McAfee autoupdate & wrapper
Rabellino Sergio
rabellino at DI.UNITO.IT
Tue Mar 23 17:24:18 GMT 2004
Dear list,
today I've got my hands on these scripts, 'cause something was wrong in my installation, so these was fully rewritten
to get them more reliable, if the download fails and to support
the extra dat features, and a proxy if needed.
The base for the scripts remain the older ones, but many changes was done.
If someone wants to test them, they're in attachment.
Note that you MUST have a slightly modified uvscan installation, were I prefer to separate the bins from the dat/docs
and scripts.
You can find the dir map in the autoupdate script.
Feel free to use these scripts as you need, but no warranty at all...
*TESTED WITH*
Virus Scan for Solaris v4.32.0
Copyright (c) 1992-2003 Networks Associates Technology Inc. All rights reserved.(408) 988-3832 LICENSED COPY - Nov 27 2003
Scan engine v4.3.20 for Solaris.
Virus data file v4341 created Mar 22 2004
Scanning for 87769 viruses, trojans and variants.
Using /opt/uvscan/extra/Extra.dat to scan for 0 additional virus(es).
and WGET 1.7
On a SPARC/Solaris9 host - fully patched.
Bye.
--
Dott. Sergio Rabellino
Technical Staff
Department of Computer Science
University of Torino (Italy)
http://www.di.unito.it/~rabser
Tel. +39-0116706701
Fax. +39-011751603
-------------- next part --------------
#!/bin/sh
#
#
# Update the McAfee data files.
#
# Rewrote by Sergio Rabellino (rabellino[at]di.unito.it)
# Department of Computer Science of Torino
# Last change on 2004/03/23
#
# Based on the original work of
# $Cambridge: hermes/build/bin/uvscan-update,v 1.38 2003/09/04 12:27:27 fanf2 Exp $
#
# START OF CUSTOM PARAMETERS
#
# Where your McAfee live ...
PREFIX=/opt/uvscan
# Where you want to download the updates
FTPDIR=http://download.nai.com/products/datfiles/4.x/nai/
# The (full) path to your wget installation
WGET=wget
#
# If any download fail, retry every XX seconds and for NN times
#
# 240 secs = 4 minutes
RETRY_EVERY=240
RETRY_COUNT=3
#
# Syslog Facility
#
SYSLOG_FAC="mail.info"
# WGET Proxy Enable
#
# PROXY_ON="--proxy=off"
PROXY_ON="--proxy=on"
#
# Setup your proxy here (all lowercase please)
#
http_proxy="http://yourproxy.com:port"
export http_proxy
ftp_proxy="http://yourproxy.com:port"
export ftp_proxy
#
# END OF CUSTOM PARAMETERS
#
OPTS=""
# handle the command line
usage () {
echo "usage: $0 [-dfrtv] [prefix]"
echo " -d delete old files"
echo " -f force update"
echo " -r show README"
echo " -t timestamp output"
echo " -v verbose"
echo " prefix uvscan installation directory"
exit 1
}
case $# in
0|1|2) : ok
;;
*) usage
;;
esac
for arg in "$@"
do
case $arg in
-*) OPTS=$arg
;;
/*) PREFIX=$arg
;;
*) usage
;;
esac
done
case $OPTS in
*[!-dfrtv]*)
usage
esac
option () {
case $OPTS in
-*$1*) eval $2=yes
;;
*) eval $2=no
;;
esac
}
option d DELETE
option r README
option t TIME
option v VERBOSE
# set up paths
PATH=$PREFIX/bin:/usr/local/bin:/usr/bin:/bin:/usr/ucb
export PATH
LD_LIBRARY_PATH=$PREFIX/bin
export LD_LIBRARY_PATH
DATDIR=$PREFIX/datfiles
# Utility Functions
timestamp () {
case $TIME in
yes) date "+%Y-%m-%d %H:%M:%S "
esac
}
say () {
case $VERBOSE in
yes) echo "`timestamp`$*"
esac
}
run () {
say "> $*"
"$@"
}
log_syslog () {
logger -p $SYSLOG_FAC -i -t "McAfee-autoupdate" $*\"
}
say Starting $0
log_syslog "Informational: Dat update started"
say "******************* Configuration Parameters ********************"
say "* PREFIX $PREFIX"
say "* WGET $WGET"
say "* PROXY_ON $PROXY_ON"
say "* HTTP_PROXY $http_proxy"
say "* FTP_PROXY $ftp_proxy"
say "* RETRY_EVERY $RETRY_EVERY"
say "* RETRY_COUNT $RETRY_COUNT"
say "* SYSLOG_FAC $SYSLOG_FAC"
say "****************************************************************\n"
say "******************* Command Line Parameters ********************"
say "* DELETE=$DELETE"
say "* README=$README"
say "* TIME=$TIME"
say "* VERBOSE=$VERBOSE"
say "* PREFIX=$PREFIX"
say "****************************************************************\n"
# Wget Version Checking
MATCH="[1-9].*"
CMD="$WGET -V"
WGET_REL=`$CMD | sed "/GNU Wget \($MATCH\).*/!d;s//\1/;q"`
case $WGET_REL in
$MATCH) : ok
;;
"") VERBOSE=yes
say "Failed to get a usable wget program..."
say "Maybe you're pointing to a wrong binary, or your wget installation is broken."
VERBOSE=no
run exit 1
;;
esac
say "* WGET release $WGET_REL"
if [ ! -d $DATDIR ]
then
INIT=yes
VERBOSE=yes
say "* Initial setup of $0"
run mkdir -p $DATDIR
fi
run cd $DATDIR
# version number pattern
MATCH="[0-9][0-9][0-9][0-9]"
# Get Current DAT Version
CMD="$PREFIX/bin/uvscan --dat $PREFIX/dat --version"
CURRENTDAT=`$CMD | sed "/Virus data file v\($MATCH\).*/!d;s//\1/;q"`
say "* McAfee current DAT version $CURRENTDAT"
case $CURRENTDAT in
$MATCH) : ok
;;
*) VERBOSE=yes
say "Failed to get current McAfee datfile version..."
say "Maybe you're pointing to a wrong wrapper, or your mcafee installation is broken."
say " YOURPREFIX --"
say " |"
say " -\bin Put your bin and lib here"
say " |"
say " -\dat Link to the running dats here"
say " |"
say " -\datfiles The downloaded dats here"
say " |"
say " -\extra If you have extra dats"
say " |"
say " -\scripts All the scripts (this one as an example)"
say " |"
say " -\docs The docs about uvscan"
VERBOSE=no
run exit 1
;;
esac
TRY=1
GOTIT=""
while [ "x$GOTIT" = "x" ]; do
# work out latest dat version
CMD="$WGET $PROXY_ON -q --passive-ftp $FTPDIR/update.ini 2>update.err"
say "> $CMD"
if eval "$CMD"
then
VERSION=`cat update.ini | sed "/^DATVersion=\($MATCH\).$/!d;s//\1/;q"`
say "> Dat Version is $VERSION"
else
cat update.err
VERSION=UNKNOWN
fi
run rm -f update.ini update.err
# check the format of the version number
case $VERSION in
$MATCH) GOTIT="ok"
;;
*) TRY=`echo "$TRY + 1" |bc`
if [ "$TRY" -le "$RETRY_COUNT" ]; then
say "> Try $TRY - FTP DAT version not found ... sleep $RETRY_EVERY seconds then retry"
sleep $RETRY_EVERY
else
GOTIT="no"
fi
;;
esac
done
# We got it ????
case $GOTIT in
no) say "Unable to get DAT Version"
log_syslog "Critical Failure: can't get McAfee DAT Version"
run exit 1
;;
esac
# check new version is actually newer
if [ $CURRENTDAT -ge $VERSION ]
then
VERBOSE=yes
say "No newer DAT available... exiting"
log_syslog "Informational: No newer DAT available... exiting"
exit 0
else
say "> FTP Dat is newer than our"
fi
# fetch and extract dat files
#
# McAfee update filename
#
TARFILE=dat-$VERSION.tar
TRY=1
GOTIT=""
while [ "x$GOTIT" = "x" ]; do
if [ ! -d $VERSION ]; then
run mkdir $VERSION
else
run rm -rf $VERSION
run mkdir $VERSION
fi
run cd $DATDIR/$VERSION
say "> Try $TRY - Getting tarball"
run $WGET $PROXY_ON -q --passive-ftp $FTPDIR/$TARFILE
if [ "$?" -eq "0" ]; then
run tar xvf $TARFILE
fi
# verify the new dats download
CMD="$PREFIX/bin/uvscan --dat $DATDIR/$VERSION --version"
NEWDAT=`$CMD | sed "/Virus data file v\($MATCH\).*/!d;s//\1/;q"`
say "> $CMD"
if [ "x$NEWDAT" = "x$VERSION" ]; then
GOTIT=ok
else
TRY=`echo "$TRY + 1" |bc`
if [ "$TRY" -le "$RETRY_COUNT" ]; then
say "> Try $TRY - FTP DAT download failed ... sleep $RETRY_EVERY seconds then retry"
sleep $RETRY_EVERY
else
GOTIT="no"
fi
fi
done
# We got it ????
case $GOTIT in
no) say "Unable to get DAT TarBall"
log_syslog "Critical Failure: can't get McAfee DAT Tarball"
run exit 1
;;
esac
say "> Update OK"
log_syslog "Informational: Download OK"
# show information on this update?
case $README in
yes) run sed 's/[[:cntrl:]]//g
1,/^====================/d
/^====================/,/^NEW VIRUSES DETECTED/d
/^UNDERSTANDING VIRUS NAMES/,$d
s/^/# /;/@MM/s/$/ <--/' readme.txt
esac
# remove some crap
run rm -f *.diz *.exe *.ini *.lst *.tar *.txt
# update the current version link
run rm -rf $PREFIX/dat
run ln -s $DATDIR/$VERSION $PREFIX/dat
# maybe delete old dat files
case $DELETE in
yes) run rm -rf $DATDIR/$CURRENTDAT
esac
say "> Completed OK"
log_syslog "McAfee updated to version $VERSION"
run exit 0
# done
-------------- next part --------------
#!/bin/sh
# MailScanner - SMTP E-Mail Virus Scanner
# Copyright (C) 2001 Julian Field
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# The author, Julian Field, can be contacted by email at
# Jules at JulianField.net
# or by paper mail at
# Julian Field
# Dept of Electronics & Computer Science
# University of Southampton
# Southampton
# SO17 1BJ
# United Kingdom
#
# JKF Wrapper Sophos programs with the correct LD_LIBRARY_PATH
# Modified for solaris by CJG
# Then tweaked for heron by JKF again
# Then tweaked for McAfee by JKF
# Modified (badly!) by SEP398 to work with the update script
# Modified by RabSer on 2003.03.23
PackageDir=/opt/uvscan
prog=uvscan
binDIR=$PackageDir/bin
LD_LIBRARY_PATH=$binDIR
export LD_LIBRARY_PATH
if [ -h $PackageDir/dat ]; then
datDIR="--dat $PackageDir/dat"
else
datDIR=""
fi
if [ -f $PackageDir/extra/Extra.dat ]; then
extraDIR="--extra $PackageDir/extra/Extra.dat"
else
extraDIR=""
fi
if [ "x$1" = "x-IsItInstalled" ]; then
[ -x ${binDIR}/$prog ] && exit 0
exit 1
fi
exec ${binDIR}/$prog $datDIR $extraDIR "$@"
More information about the MailScanner
mailing list