#11 clamav support does not compile

open
nobody
None
5
2009-06-11
2009-06-11
No

It seems that the clam guys have removed "struct cl_limits" as they threatened to do some while ago. This means that snort_inline with clamav no longer compiles, and it's not possible to use any clamav in FreeBSD ports with any version of snort_inline that I can find.

I wonder if it would make sense to use the network interface to clamd in the same way that clamdscan does? Hopefully that would be a more stable API. Or otherwise to discuss with the clamav guys what is the most stable interface to use.

Discussion

  • Nobody/Anonymous

    Try it now....

     
  • Nobody/Anonymous

    From SVN, I mean. Either the trunk (2.8.3) or testing (2.8.4.1).

     
  • Nobody/Anonymous

    Hi, guys
    I'm also trying to compile snort_inline -2.8.2.1-RC1 with the --enable-clamav option, with no success. Does anyone know how too fix this problem?

    However, snort_inline / clamav does no work as an effective perimetral antivirus, because it only inspects single packets, not files. I simple EICAR Antivirus is no detected (tested in patched snort-2.3.0 patched for clamav support

    I use p3scan and dansguardian for virus for mail and web files testing, but i am trying ti set up a complete antivirus 'on the fly' gateway for all traffic (Debian Lenny)

    do you thing snort_inline will be usefull for this goal? if not, could you suggest me an alternative configuration?

    And if snort_inline is my best choice... how could a fix this compilation problem?

    Thank you very much in advance

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks