Jump to content
Sign in to follow this  
dkovacevic

Query External Database For Allow / Deny

Recommended Posts

Would it be possible to configure ClamAV to query an external database for the final allow / deny decision for any given situation?

 

For example, in performing a disk scan, query the database with the file signature or hash, and base the allow / deny decision on whether the signature or hash is in the database.

 

Or, even simpler: mimic Squid's

external_acl_type

 

 

(http://www.squid-cache.org/Doc/config/external_acl_type/)

 

and just execute a user created script that returns "allow" or "deny".

Share this post


Link to post
Share on other sites

ClamAV are open source so any modification you may like to add is entirely up to you. So short answer yes, but it is currently not a part of the suite.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×