Re: [Clamav-users] feature request for clam (STREAM mode)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Shouldn't this be on the developers list, not here? - -Nigel - -- Nigel Horne. Arranger, Composer, Conductor, Typesetter. Owner of the brass band group of the Internet. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk/music.htm -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/QIPCOv/MqfDWaY8RApe1AKCfnMzUe4FmPedTfw2FiM+jB1+jtACeOSD1 sZAQrJaDTdGlBOSsHu9H6+Y= =gQsP -END PGP SIGNATURE- --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] feature request for clam (STREAM mode)
Tomasz Kojm wrote: On Sun, 17 Aug 2003 19:38:10 +0200 Arkadiusz Miskiewicz <[EMAIL PROTECTED]> wrote: Hi, STREAM support is long awaited feature by me. Unfortunately it seems badly designed. The idea of the protocol is based on OpenAntiVirus ScannerDaemon's POST command, with some enhancements. Current protocol is: - connect with default clamav port (command connection) - send STREAM uppercase - clamd returns port number - we connect with that number and send data to be scanned there (data connection) That's it. Problems are: - if we want to scan few files we need to connect to reconnect to command connection every time, too - why? Why no multiple STREAM commands allowed? Do you mean STREAM should support an optional argument for a number of sockets clamd should start waiting on ? No problem. - data port is random so I need to open all ports on my firewall which is very This problem has been already reported a few days ago. The port number range will be configurable in clamav.conf. sad. Instead of this it would be great if I could send data over ,,command connection'' and don't use ,,data connection'' at all. Oh, I don't think this is a good idea - it will make the command socket a bottleneck because a scan process for may be long and we can't depend on the backlog argument of the listen() function due to portability reasons. I really, really dislike this solution which reminds me in some way to the (br0ken) ftp-protocol. A solution like this make any kind of loadbalancing(using a standard TCP balancing solution) nearly impossible. Any chance that this design could be changed to using a single TCP-Port. This would allow use to loadbalance/failover clamd easily between a large number of hosts (just like it's possible with spamd from the spamassassin package today). Stefan --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] feature request for clam (STREAM mode)
On Sun, 17 Aug 2003 22:45:07 +0200 Arkadiusz Miskiewicz <[EMAIL PROTECTED]> wrote: > On Sunday 17 of August 2003 22:29, Tomasz Kojm wrote: > > > - if we want to scan few files we need to connect to reconnect to > > > command connection every time, too - why? Why no multiple STREAM > > > commands allowed? > > > > Do you mean STREAM should support an optional argument for a number > > of sockets clamd should start waiting on ? No problem. > I was thinking about something other... don't disconnect after > returning stream: OK/OTHER_MESSAGE and allow to send another STREAM > request. In this way I wouldn't need to reconnect every time if I want > to scan few files. This will cause the problem I've described in my previous mail - will block the command socket with big files. Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] (\/)\. http://www.konarski.edu.pl/~zolw \..._ I nie zapomnij kliknac w brzuszek... //\ /\\ <- C. Amboinensiswww.pajacyk.pl --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] feature request for clam (STREAM mode)
On Sunday 17 of August 2003 22:29, Tomasz Kojm wrote: > > - if we want to scan few files we need to connect to reconnect to > > command connection every time, too - why? Why no multiple STREAM > > commands allowed? > > Do you mean STREAM should support an optional argument for a number of > sockets clamd should start waiting on ? No problem. I was thinking about something other... don't disconnect after returning stream: OK/OTHER_MESSAGE and allow to send another STREAM request. In this way I wouldn't need to reconnect every time if I want to scan few files. > > - data port is random so I need to open all ports on my firewall which > > is very > > This problem has been already reported a few days ago. The port number > range will be configurable in clamav.conf. btw. does clamd checking whether data connection comes from the same IP as command connection? > > clamscan btw. is missing STREAM mode for multiple files when scanning. > > With > > clamscan doesn't connect to clamd at all. Unfortunately :-( Also clam libraries don't have any network support which also would be useful. It would be really great to just specify clamscan ---remote-host=x.y.z.q:2145 /some/directory :) > clamdscan uses STREAM while > reading from a standard input, but this is not yet fully implemented. > clamdscan will support "remote scanning" (with something like > "--remote-host" option) soon. Great. > > Best regards, > Tomasz Kojm -- Arkadiusz MiĆkiewiczCS at FoE, Wroclaw University of Technology [EMAIL PROTECTED] AM2-6BONE, 1024/3DB19BBD, arekm(at)ircnet, PLD/Linux --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] feature request for clam (STREAM mode)
On Sun, 17 Aug 2003 19:38:10 +0200 Arkadiusz Miskiewicz <[EMAIL PROTECTED]> wrote: > Hi, > > STREAM support is long awaited feature by me. Unfortunately it seems > badly designed. The idea of the protocol is based on OpenAntiVirus ScannerDaemon's POST command, with some enhancements. > Current protocol is: > - connect with default clamav port (command connection) > - send STREAM uppercase > - clamd returns port number > - we connect with that number and send data to be scanned there (data > connection) That's it. > Problems are: > - if we want to scan few files we need to connect to reconnect to > command connection every time, too - why? Why no multiple STREAM > commands allowed? Do you mean STREAM should support an optional argument for a number of sockets clamd should start waiting on ? No problem. > - data port is random so I need to open all ports on my firewall which > is very This problem has been already reported a few days ago. The port number range will be configurable in clamav.conf. > sad. Instead of this it would be great if I could send data over > ,,command connection'' and don't use ,,data connection'' at all. Oh, I don't think this is a good idea - it will make the command socket a bottleneck because a scan process for may be long and we can't depend on the backlog argument of the listen() function due to portability reasons. > clamscan btw. is missing STREAM mode for multiple files when scanning. > With clamscan doesn't connect to clamd at all. clamdscan uses STREAM while reading from a standard input, but this is not yet fully implemented. clamdscan will support "remote scanning" (with something like "--remote-host" option) soon. Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] (\/)\. http://www.konarski.edu.pl/~zolw \..._ I nie zapomnij kliknac w brzuszek... //\ /\\ <- C. Amboinensiswww.pajacyk.pl --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users