Next Previous Contents

5. Virus scanning

You can configure frox to run a virus scanner on downloaded files between downloading them to the proxy and them being forwarded to the client. You need to ./configure with --enable-virus-scan, and set the config file variable VirusScanner to something like '"/usr/local/bin/yourviruscanner" "--options" "%s"'. You no longer need to be doing local caching for this to work - it will work with caching through squid or with no caching at all.

Note that the whole variable is enclosed in single quotes ('), while the individual arguments within are enclosed with double quotes ("). The "%s" will be replaced by the name of the file to scan. NB. unlike all the other paths in the config file, any pathnames or filenames in VirusScanner will not be stripped in the case that you are running in a chroot jail. If your virus scanner exits with a value other than 0 when a file is scanned and is virus free you will need to set VSOK to that value.

There are currently some problems with this:

If the VSProgressMsgs option is set to something other than 0 then every time that number of seconds passes during the delay a progress message will be sent to the client. On the plus side these may be displayed to users of command line ftp clients, and will probably prevent clients from giving up and timing out. On the down side the progress messages could confuse some ftp clients (I think they do with some Mozilla builds).

5.1 Can I redirect requests to a virus scanning http proxy?

Probably not. Most of these proxies send various http progress messages back to the client. Frox is unable to parse these without giving it a more extensive http implementation, and so it will probably fail. Also there will be a delay before the client starts to get the file, and it may well time out during this period. There is interest in being able to do this though, so if anyone wants to try coding it then they are welcome.

Next Previous Contents