Introduction

This document describes how to add the VirusBuster command line scanner to the list of integrated antivirus products in the AMaViS.
Purpose of this document is only to guide users, so the main steps are detailed in this documentation. Remember, this is only one of the possible methods to integrate external scanners.
Another important thing is that the VirusBuster doesn't support the AMaViS system, so this document only includes the integration steps. If other problems occurred regarding to the AMaViS, please consult its own official manual for more information.

Structure of the AMaViS configuration file

The configuration file of the AMaViS is a script written in Perl language. It is loaded when the product is started or it is requested by a specified command. The only important part of this file (regarding to the integration) is the av_scanners_backup array. Declaration of this array can be found at the end of the configuration file.

Design the system

• First, you have to install the VirusBuster command line scanner. It means, that you have to uncompress the package to the desired directory.
  
• Thereafter, you have to specify the log file which you want the command line scanner to log in. Create the log directory if it doesn't exist. You should perform this step so that you can separate the log entries created by the AMaViS against the other ones.
  Important that AMaViS is running with its own user privileges by default, so this user must have write permission for this created directory.
  
• Also required to set and create the quarantine folder. It is for separating the items moved to the quarantine during the AMaViS running.
  Important that AMaViS is running with its own user privileges by default, so this user must have write permission for this created directory.

Integrating the scanner to the AMaViS configuration file

The VirusBuster scanner must be inserted into the av_scanners_backup array in the amavis.conf file. This array includes the secondary scanners. Minimal content of this array should be the following:

@av_scanners_backup = (
['VirusBuster',
'/usr/local/vbscan/vbscan',
"-a s --all-files --log=/var/log/vbscan/vbscan.log --quarantine=/var/spool/vbscan {} '*'",
[0],
[1, 2],
qr/found: (.+) \.\.\..*/
]
);

Of course, it is possible to set more scanners as well, you have to enumerate them separated by comma (,) in the list. For more information about it please consult the AMaViS documentation.

The meaning of the above example line by line (without mentioning the array declaration):

• 1. line: name of the product's manufacturer
  
• 2. line: path of the scanner, if the variable contains this path, you shouldn't specify the whole path
  
• 3. line: parameters to be passed to the scanner
  
• 4. line: list of return values that indicate NO virus found
  
• 5. line: list of return values that indicate virus found
  
• 6. line: regular expression which extracts the found virus name from the scanner's output

Example to integrate

The following example describes the steps of activating the VirusBuster command line scanner in the AMaViS system. Remember, this is not the only way, just a possible method:

• Unpack the command line scanner package to the /tmp directory.
  
• Create the /usr/local/vbscan folder.
  
• Copy the unpacked files to this folder.
  
• Create the /var/spool/vbscan folder.
  
• Make sure that the owner of this folder is the AMaViS user and he is able to write into this folder.
  
• Create the /var/log/vbscan folder.
  
• Make sure that the owner of this folder is the AMaViS user and he is able to write into this folder.
  
• Change the amavis.conf file, the av_scanners_backup array must contain the following:

@av_scanners_backup = (
['VirusBuster',
'/usr/local/vbscan/vbscan',
"-a s --all-files --log=/var/log/vbscan/vbscan.log --quarantine=/var/spool/vbscan {} '*'",
[0],
[1, 2],
qr/found: (.+) \.\.\..*/
]
);

• If the AMaViS is running, reload the configuration file.

Download this guide in pdf format.