ejes consulting

Techincal Consulting Design and Automation

Virus Scanning for your FreeNAS

with 15 comments

[edit: now has instructions for "embedded" freeBSD/freeNAS installations]  

 As you all know I love my freeNAS, it’s an excellent platform with all kinds of amazing features.  The problem is that it’s still lacking in some little ways.  

 One way is “antivirus”  

So, here’s my howto for anti virus for FreeNAS.  If you have an “embedded” freeNAS, you may have to move all the installed files to your mounted drives and symlink them using a startup script. (i’ll cover this if there’s demand)   

First, ssh to your NAS and get it’s release, mine looks like this:  

freenas:~# uname -a
FreeBSD freenas.local 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #0: Fri Oct 16 16:45:05 UTC 2009     root@vmbsd72i386:/usr/obj/freenas/usr/src/sys/FREENAS-i386  i386

  

This just tells me that i’m using 7.2-release.  Then I go to the freebsd ftp site to find the packages.  The main tree is here ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/  

in the “packages-7.2-release” i can find the “security” directory, and finally clamav*.tbz.  

ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/security/clamav-0.95.1.tbz  

Now, download it, while you’re at it you should download all the archive libraries that it uses:
unzoo (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/unzoo-4.4_2.tbz)  

lha (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/lha-1.14i_6.tbz)  

arj (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/arj-3.10.22_1.tbz)  

arc (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/arc-5.21o_1.tbz)  

If you have an embedded version you must decompress each of these binaries into their own directory, I put them in my /mnt/default/opt directory structure and decompress each of them using tar, like this:  

Ffirst clamav:  

freenas:/mnt/default/opt/tmp# tar -xjf ../clamav-0.95.1.tbz
freenas:/mnt/default/opt/tmp# tar -xjf ../unzoo-4.4_2.tbz
freenas:/mnt/default/opt/tmp# tar -xjf ../lha-1.14i_6.tbz
freenas:/mnt/default/opt/tmp# tar -xjf ../arj-3.10.22_1.tbz
freenas:/mnt/default/opt/tmp# tar -xjf ../arc-5.21o_1.tbz

  

Now I have a mess in my directories, but it’s not really a mess, it’s the full distribution of clamav but not in the correct directories.  

This is easy to fix, we can link each file to it’s proper place.  I like using symbolic links (if you’re interested look in the man page for “ln”) 

I copied all directories that I’ve just extracted, not including the package files (ones that look like like +COMMENT +DESC +INSTALL etc.) to my /mnt/default/opt directory.  This is where I intend the executable files to run from:  

freenas:/mnt/default/opt/tmp# ls
+COMMENT        +DESC           bin             lib             sbin
+CONTENTS       +INSTALL        etc             libdata         share
+DEINSTALL      +MTREE_DIRS     include         man
freenas:/mnt/default/opt/tmp# rm -rf +*; #delete all +files.
freenas:/mnt/default/opt/tmp# ls
bin     etc     include lib     libdata man     sbin    share
freenas:/mnt/default/opt/tmp# mv * ..
freenas:/mnt/default/opt/tmp# cd ..
freenas:/mnt/default/opt# ls
arc-5.21o_1.tbz         include                 sbin
arj-3.10.22_1.tbz       lha-1.14i_6.tbz         share
bin                     lib                     tmp
clamav-0.95.1.tbz       libdata                 unzoo-4.4_2.tbz
etc                     man
freenas:/mnt/default/opt# rm *.tbz
freenas:/mnt/default/opt# ls
bin     etc     include lib     libdata man     sbin    share   tmp
freenas:/mnt/default/opt#

Now comes the tricky part;  

I created a list of files using “find .”.  With this list I can build a script that will link them to the proper /usr/local directories with the “ln” tool.   This is how I generated my “mksymlinks” script, it looks like this:  

freenas:/mnt/default/opt# cat mksymlinks
#!/bin/bash
ln -sf /mnt/default/opt/. /usr/local/.
ln -sf /mnt/default/opt/l /usr/local/l
ln -sf /mnt/default/opt/tmp /usr/local/tmp
ln -sf /mnt/default/opt/bin /usr/local/bin
ln -sf /mnt/default/opt/bin/clamav-config /usr/local/bin/clamav-config
ln -sf /mnt/default/opt/bin/clamconf /usr/local/bin/clamconf
ln -sf /mnt/default/opt/bin/clamdtop /usr/local/bin/clamdtop
ln -sf /mnt/default/opt/bin/clamscan /usr/local/bin/clamscan
ln -sf /mnt/default/opt/bin/clamdscan /usr/local/bin/clamdscan
ln -sf /mnt/default/opt/bin/freshclam /usr/local/bin/freshclam
ln -sf /mnt/default/opt/bin/sigtool /usr/local/bin/sigtool
ln -sf /mnt/default/opt/bin/arc /usr/local/bin/arc
ln -sf /mnt/default/opt/bin/marc /usr/local/bin/marc
ln -sf /mnt/default/opt/bin/arj /usr/local/bin/arj
ln -sf /mnt/default/opt/bin/arj-register /usr/local/bin/arj-register
ln -sf /mnt/default/opt/bin/arjdisp /usr/local/bin/arjdisp
ln -sf /mnt/default/opt/bin/rearj /usr/local/bin/rearj
ln -sf /mnt/default/opt/bin/lha /usr/local/bin/lha
ln -sf /mnt/default/opt/bin/unzoo /usr/local/bin/unzoo
ln -sf /mnt/default/opt/etc /usr/local/etc
ln -sf /mnt/default/opt/etc/clamd.conf.default /usr/local/etc/clamd.conf.default
ln -sf /mnt/default/opt/etc/freshclam.conf.default /usr/local/etc/freshclam.conf.default
ln -sf /mnt/default/opt/etc/rc.d /usr/local/etc/rc.d
ln -sf /mnt/default/opt/etc/rc.d/clamav-clamd /usr/local/etc/rc.d/clamav-clamd
ln -sf /mnt/default/opt/etc/rc.d/clamav-freshclam /usr/local/etc/rc.d/clamav-freshclam
ln -sf /mnt/default/opt/include /usr/local/include
ln -sf /mnt/default/opt/include/clamav.h /usr/local/include/clamav.h
ln -sf /mnt/default/opt/include/clamav-config.h /usr/local/include/clamav-config.h
ln -sf /mnt/default/opt/lib /usr/local/lib
ln -sf /mnt/default/opt/lib/libclamav.a /usr/local/lib/libclamav.a
ln -sf /mnt/default/opt/lib/libclamav.la /usr/local/lib/libclamav.la
ln -sf /mnt/default/opt/lib/libclamav.so /usr/local/lib/libclamav.so
ln -sf /mnt/default/opt/lib/libclamav.so.6 /usr/local/lib/libclamav.so.6
ln -sf /mnt/default/opt/lib/libclamunrar.a /usr/local/lib/libclamunrar.a
ln -sf /mnt/default/opt/lib/libclamunrar.la /usr/local/lib/libclamunrar.la
ln -sf /mnt/default/opt/lib/libclamunrar.so /usr/local/lib/libclamunrar.so
ln -sf /mnt/default/opt/lib/libclamunrar.so.6 /usr/local/lib/libclamunrar.so.6
ln -sf /mnt/default/opt/lib/libclamunrar_iface.a /usr/local/lib/libclamunrar_iface.a
ln -sf /mnt/default/opt/lib/libclamunrar_iface.la /usr/local/lib/libclamunrar_iface.la
ln -sf /mnt/default/opt/lib/libclamunrar_iface.so /usr/local/lib/libclamunrar_iface.so
ln -sf /mnt/default/opt/lib/libclamunrar_iface.so.6 /usr/local/lib/libclamunrar_iface.so.6
ln -sf /mnt/default/opt/lib/arj /usr/local/lib/arj
ln -sf /mnt/default/opt/lib/arj/arjcrypt.so /usr/local/lib/arj/arjcrypt.so
ln -sf /mnt/default/opt/libdata /usr/local/libdata
ln -sf /mnt/default/opt/libdata/pkgconfig /usr/local/libdata/pkgconfig
ln -sf /mnt/default/opt/libdata/pkgconfig/libclamav.pc /usr/local/libdata/pkgconfig/libclamav.pc
ln -sf /mnt/default/opt/man /usr/local/man
ln -sf /mnt/default/opt/man/man1 /usr/local/man/man1
ln -sf /mnt/default/opt/man/man1/clamconf.1.gz /usr/local/man/man1/clamconf.1.gz
ln -sf /mnt/default/opt/man/man1/clamscan.1.gz /usr/local/man/man1/clamscan.1.gz
ln -sf /mnt/default/opt/man/man1/freshclam.1.gz /usr/local/man/man1/freshclam.1.gz
ln -sf /mnt/default/opt/man/man1/sigtool.1.gz /usr/local/man/man1/sigtool.1.gz
ln -sf /mnt/default/opt/man/man1/clamdscan.1.gz /usr/local/man/man1/clamdscan.1.gz
ln -sf /mnt/default/opt/man/man1/clamdtop.1.gz /usr/local/man/man1/clamdtop.1.gz
ln -sf /mnt/default/opt/man/man1/arc.1.gz /usr/local/man/man1/arc.1.gz
ln -sf /mnt/default/opt/man/man1/arj-register.1.gz /usr/local/man/man1/arj-register.1.gz
ln -sf /mnt/default/opt/man/man1/arj.1.gz /usr/local/man/man1/arj.1.gz
ln -sf /mnt/default/opt/man/man1/arjdisp.1.gz /usr/local/man/man1/arjdisp.1.gz
ln -sf /mnt/default/opt/man/man1/rearj.1.gz /usr/local/man/man1/rearj.1.gz
ln -sf /mnt/default/opt/man/man1/unzoo.1.gz /usr/local/man/man1/unzoo.1.gz
ln -sf /mnt/default/opt/man/man5 /usr/local/man/man5
ln -sf /mnt/default/opt/man/man5/clamd.conf.5.gz /usr/local/man/man5/clamd.conf.5.gz
ln -sf /mnt/default/opt/man/man5/freshclam.conf.5.gz /usr/local/man/man5/freshclam.conf.5.gz
ln -sf /mnt/default/opt/man/man8 /usr/local/man/man8
ln -sf /mnt/default/opt/man/man8/clamd.8.gz /usr/local/man/man8/clamd.8.gz
ln -sf /mnt/default/opt/man/man8/clamav-milter.8.gz /usr/local/man/man8/clamav-milter.8.gz
ln -sf /mnt/default/opt/man/ja /usr/local/man/ja
ln -sf /mnt/default/opt/man/ja/man1 /usr/local/man/ja/man1
ln -sf /mnt/default/opt/man/ja/man1/lha.1.gz /usr/local/man/ja/man1/lha.1.gz
ln -sf /mnt/default/opt/sbin /usr/local/sbin
ln -sf /mnt/default/opt/sbin/clamd /usr/local/sbin/clamd
ln -sf /mnt/default/opt/share /usr/local/share
ln -sf /mnt/default/opt/share/doc /usr/local/share/doc
ln -sf /mnt/default/opt/share/doc/clamav /usr/local/share/doc/clamav
ln -sf /mnt/default/opt/share/doc/clamav/ChangeLog /usr/local/share/doc/clamav/ChangeLog
ln -sf /mnt/default/opt/share/doc/clamav/NEWS /usr/local/share/doc/clamav/NEWS
ln -sf /mnt/default/opt/share/doc/clamav/html /usr/local/share/doc/clamav/html
ln -sf /mnt/default/opt/share/doc/clamav/html/clamdoc.css /usr/local/share/doc/clamav/html/clamdoc.css
ln -sf /mnt/default/opt/share/doc/clamav/html/clamdoc.html /usr/local/share/doc/clamav/html/clamdoc.html
ln -sf /mnt/default/opt/share/doc/clamav/html/contents.png /usr/local/share/doc/clamav/html/contents.png
ln -sf /mnt/default/opt/share/doc/clamav/html/footnode.html /usr/local/share/doc/clamav/html/footnode.html
ln -sf /mnt/default/opt/share/doc/clamav/html/img1.png /usr/local/share/doc/clamav/html/img1.png
ln -sf /mnt/default/opt/share/doc/clamav/html/img2.png /usr/local/share/doc/clamav/html/img2.png
ln -sf /mnt/default/opt/share/doc/clamav/html/img3.png /usr/local/share/doc/clamav/html/img3.png
ln -sf /mnt/default/opt/share/doc/clamav/html/img4.png /usr/local/share/doc/clamav/html/img4.png
ln -sf /mnt/default/opt/share/doc/clamav/html/index.html /usr/local/share/doc/clamav/html/index.html
ln -sf /mnt/default/opt/share/doc/clamav/html/next.png /usr/local/share/doc/clamav/html/next.png
ln -sf /mnt/default/opt/share/doc/clamav/html/next_g.png /usr/local/share/doc/clamav/html/next_g.png
ln -sf /mnt/default/opt/share/doc/clamav/html/node1.html /usr/local/share/doc/clamav/html/node1.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node10.html /usr/local/share/doc/clamav/html/node10.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node11.html /usr/local/share/doc/clamav/html/node11.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node12.html /usr/local/share/doc/clamav/html/node12.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node13.html /usr/local/share/doc/clamav/html/node13.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node14.html /usr/local/share/doc/clamav/html/node14.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node15.html /usr/local/share/doc/clamav/html/node15.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node16.html /usr/local/share/doc/clamav/html/node16.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node17.html /usr/local/share/doc/clamav/html/node17.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node18.html /usr/local/share/doc/clamav/html/node18.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node19.html /usr/local/share/doc/clamav/html/node19.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node2.html /usr/local/share/doc/clamav/html/node2.html
ln -sf /mnt/default/opt/share/doc/clamav/html/up.png /usr/local/share/doc/clamav/html/up.png
ln -sf /mnt/default/opt/share/doc/clamav/html/node20.html /usr/local/share/doc/clamav/html/node20.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node21.html /usr/local/share/doc/clamav/html/node21.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node22.html /usr/local/share/doc/clamav/html/node22.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node23.html /usr/local/share/doc/clamav/html/node23.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node24.html /usr/local/share/doc/clamav/html/node24.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node25.html /usr/local/share/doc/clamav/html/node25.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node26.html /usr/local/share/doc/clamav/html/node26.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node27.html /usr/local/share/doc/clamav/html/node27.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node28.html /usr/local/share/doc/clamav/html/node28.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node29.html /usr/local/share/doc/clamav/html/node29.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node3.html /usr/local/share/doc/clamav/html/node3.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node30.html /usr/local/share/doc/clamav/html/node30.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node31.html /usr/local/share/doc/clamav/html/node31.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node32.html /usr/local/share/doc/c
lamav/html/node32.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node33.html /usr/local/share/doc/clamav/html/node33.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node34.html /usr/local/share/doc/clamav/html/node34.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node35.html /usr/local/share/doc/clamav/html/node35.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node36.html /usr/local/share/doc/clamav/html/node36.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node37.html /usr/local/share/doc/clamav/html/node37.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node38.html /usr/local/share/doc/clamav/html/node38.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node39.html /usr/local/share/doc/clamav/html/node39.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node4.html /usr/local/share/doc/clamav/html/node4.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node40.html /usr/local/share/doc/clamav/html/node40.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node41.html /usr/local/share/doc/clamav/html/node41.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node42.html /usr/local/share/doc/clamav/html/node42.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node43.html /usr/local/share/doc/clamav/html/node43.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node44.html /usr/local/share/doc/clamav/html/node44.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node45.html /usr/local/share/doc/clamav/html/node45.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node46.html /usr/local/share/doc/clamav/html/node46.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node47.html /usr/local/share/doc/clamav/html/node47.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node48.html /usr/local/share/doc/clamav/html/node48.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node49.html /usr/local/share/doc/clamav/html/node49.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node5.html /usr/local/share/doc/clamav/html/node5.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node50.html /usr/local/share/doc/clamav/html/node50.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node51.html /usr/local/share/doc/clamav/html/node51.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node52.html /usr/local/share/doc/clamav/html/node52.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node53.html /usr/local/share/doc/clamav/html/node53.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node54.html /usr/local/share/doc/clamav/html/node54.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node55.html /usr/local/share/doc/clamav/html/node55.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node56.html /usr/local/share/doc/clamav/html/node56.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node57.html /usr/local/share/doc/clamav/html/node57.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node58.html /usr/local/share/doc/clamav/html/node58.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node59.html /usr/local/share/doc/clamav/html/node59.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node6.html /usr/local/share/doc/clamav/html/node6.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node60.html /usr/local/share/doc/clamav/html/node60.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node7.html /usr/local/share/doc/clamav/html/node7.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node8.html /usr/local/share/doc/clamav/html/node8.html
ln -sf /mnt/default/opt/share/doc/clamav/html/node9.html /usr/local/share/doc/clamav/html/node9.html
ln -sf /mnt/default/opt/share/doc/clamav/html/prev.png /usr/local/share/doc/clamav/html/prev.png
ln -sf /mnt/default/opt/share/doc/clamav/html/prev_g.png /usr/local/share/doc/clamav/html/prev_g.png
ln -sf /mnt/default/opt/share/doc/clamav/html/up_g.png /usr/local/share/doc/clamav/html/up_g.png
ln -sf /mnt/default/opt/share/doc/arc /usr/local/share/doc/arc
ln -sf /mnt/default/opt/share/doc/arc/Arc521.doc /usr/local/share/doc/arc/Arc521.doc
ln -sf /mnt/default/opt/share/doc/arj /usr/local/share/doc/arj
ln -sf /mnt/default/opt/share/doc/arj/COPYING /usr/local/share/doc/arj/COPYING
ln -sf /mnt/default/opt/share/doc/arj/arjl.txt /usr/local/share/doc/arj/arjl.txt
ln -sf /mnt/default/opt/share/doc/arj/arjs.txt /usr/local/share/doc/arj/arjs.txt
ln -sf /mnt/default/opt/share/doc/arj/debug.txt /usr/local/share/doc/arj/debug.txt
ln -sf /mnt/default/opt/share/doc/arj/history.txt /usr/local/share/doc/arj/history.txt
ln -sf /mnt/default/opt/share/doc/arj/readme.txt /usr/local/share/doc/arj/readme.txt
ln -sf /mnt/default/opt/share/doc/arj/unix.txt /usr/local/share/doc/arj/unix.txt
freenas:/mnt/default/opt#

Make it executable:  

freenas:/mnt/default/opt# chmod +x mksymlinks
freenas:/mnt/default/opt#

Run it:  

freenas:/mnt/default/opt# ./mksymlinks
freenas:/mnt/default/opt#

 

If you have a full version installed then you can simply install them in the order above;  

I do mine by command line, but you can use the “system | packages” menu on the FreeNAS WebGUI.  

freenas:/mnt/default# pkg_add -v unzoo-4.4_2.tbz
equested space: 67K bytes, free space: 808M bytes in /var/tmp/instmp.OrlWwG
extract: Package name is unzoo-4.4_2
extract: CWD to /usr/local
extract: /usr/local/bin/unzoo
extract: /usr/local/man/man1/unzoo.1.gz
extract: CWD to .
Running mtree for unzoo-4.4_2..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/unzoo-4.4_2..
Package unzoo-4.4_2 registered in /var/db/pkg/unzoo-4.4_2
freenas:/mnt/default# pkg_add -v lha-1.14i_6.tbz
Requested space: 135K bytes, free space: 807M bytes in /var/tmp/instmp.RpvEQj
extract: Package name is lha-1.14i_6
extract: CWD to /usr/local
extract: /usr/local/bin/lha
extract: /usr/local/man/ja/man1/lha.1.gz
extract: CWD to .
Running mtree for lha-1.14i_6..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/lha-1.14i_6..
Package lha-1.14i_6 registered in /var/db/pkg/lha-1.14i_6
freenas:/mnt/default# pkg_add -v arj-3.10.22_1.tbz
Requested space: 906K bytes, free space: 807M bytes in /var/tmp/instmp.jzBJSj
extract: Package name is arj-3.10.22_1
extract: CWD to /usr/local
extract: /usr/local/bin/arj
extract: /usr/local/bin/arj-register
extract: /usr/local/bin/arjdisp
extract: /usr/local/bin/rearj
extract: /usr/local/lib/arj/arjcrypt.so
extract: /usr/local/man/man1/arj-register.1.gz
extract: /usr/local/man/man1/arj.1.gz
extract: /usr/local/man/man1/arjdisp.1.gz
extract: /usr/local/man/man1/rearj.1.gz
extract: /usr/local/share/doc/arj/COPYING
extract: /usr/local/share/doc/arj/arjl.txt
extract: /usr/local/share/doc/arj/arjs.txt
extract: /usr/local/share/doc/arj/debug.txt
extract: /usr/local/share/doc/arj/history.txt
extract: /usr/local/share/doc/arj/readme.txt
extract: /usr/local/share/doc/arj/unix.txt
extract: CWD to .
Running mtree for arj-3.10.22_1..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/arj-3.10.22_1..
Package arj-3.10.22_1 registered in /var/db/pkg/arj-3.10.22_1
freenas:/mnt/default# pkg_add -v arc-5.21o_1.tbz
Requested space: 180K bytes, free space: 807M bytes in /var/tmp/instmp.0SwLN2
extract: Package name is arc-5.21o_1
extract: CWD to /usr/local
extract: /usr/local/bin/arc
extract: /usr/local/bin/marc
extract: /usr/local/man/man1/arc.1.gz
extract: /usr/local/share/doc/arc/Arc521.doc
extract: CWD to .
Running mtree for arc-5.21o_1..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Attempting to record package into /var/db/pkg/arc-5.21o_1..
Package arc-5.21o_1 registered in /var/db/pkg/arc-5.21o_1 

And finally:  

freenas:/mnt/default# pkg_add -v clamav-0.95.1.tbz
Requested space: 5327K bytes, free space: 807M bytes in /var/tmp/instmp.CKrsuO
Package 'clamav-0.95.1' depends on 'unzoo-4.4_2' with 'archivers/unzoo' origin.
 - already installed.
Package 'clamav-0.95.1' depends on 'lha-1.14i_6' with 'archivers/lha' origin.
 - already installed.
Package 'clamav-0.95.1' depends on 'arj-3.10.22_1' with 'archivers/arj' origin.
 - already installed.
Package 'clamav-0.95.1' depends on 'arc-5.21o_1' with 'archivers/arc' origin.
 - already installed.
Running pre-install for clamav-0.95.1..
=> Added group "clamav".
pw: unknown group `mail'
=> Added user "clamav".
extract: Package name is clamav-0.95.1
extract: CWD to /usr/local
extract: /usr/local/man/man1/clamconf.1.gz
extract: /usr/local/man/man1/clamscan.1.gz
extract: /usr/local/man/man1/freshclam.1.gz
extract: /usr/local/man/man1/sigtool.1.gz
extract: /usr/local/man/man1/clamdscan.1.gz
extract: /usr/local/man/man1/clamdtop.1.gz
extract: /usr/local/man/man5/clamd.conf.5.gz
extract: /usr/local/man/man5/freshclam.conf.5.gz
extract: /usr/local/man/man8/clamd.8.gz
extract: /usr/local/man/man8/clamav-milter.8.gz
extract: /usr/local/bin/clamav-config
extract: /usr/local/bin/clamconf
extract: /usr/local/bin/clamdtop
extract: /usr/local/bin/clamscan
extract: /usr/local/bin/clamdscan
extract: /usr/local/bin/freshclam
extract: /usr/local/bin/sigtool
extract: /usr/local/sbin/clamd
extract: /usr/local/include/clamav.h
extract: /usr/local/include/clamav-config.h
extract: /usr/local/lib/libclamav.a
extract: /usr/local/lib/libclamav.la
extract: /usr/local/lib/libclamav.so
extract: /usr/local/lib/libclamav.so.6
extract: /usr/local/lib/libclamunrar.a
extract: /usr/local/lib/libclamunrar.la
extract: /usr/local/lib/libclamunrar.so
extract: /usr/local/lib/libclamunrar.so.6
extract: /usr/local/lib/libclamunrar_iface.a
extract: /usr/local/lib/libclamunrar_iface.la
extract: /usr/local/lib/libclamunrar_iface.so
extract: /usr/local/lib/libclamunrar_iface.so.6
extract: /usr/local/libdata/pkgconfig/libclamav.pc
extract: /usr/local/etc/clamd.conf.default
extract: execute '[ -f /usr/local/etc/clamd.conf ] || cp /usr/local/etc/clamd.conf.default /usr/local/etc/clamd.conf'
extract: /usr/local/etc/freshclam.conf.default
extract: execute '[ -f /usr/local/etc/freshclam.conf ] || cp /usr/local/etc/freshclam.conf.default /usr/local/etc/freshclam.conf'
extract: execute '/sbin/ldconfig -m /usr/local/lib'
extract: /usr/local/share/doc/clamav/ChangeLog
extract: /usr/local/share/doc/clamav/NEWS
extract: /usr/local/share/doc/clamav/html/clamdoc.css
extract: /usr/local/share/doc/clamav/html/clamdoc.html
extract: /usr/local/share/doc/clamav/html/contents.png
extract: /usr/local/share/doc/clamav/html/footnode.html
extract: /usr/local/share/doc/clamav/html/img1.png
extract: /usr/local/share/doc/clamav/html/img2.png
extract: /usr/local/share/doc/clamav/html/img3.png
extract: /usr/local/share/doc/clamav/html/img4.png
extract: /usr/local/share/doc/clamav/html/index.html
extract: /usr/local/share/doc/clamav/html/next.png
extract: /usr/local/share/doc/clamav/html/next_g.png
extract: /usr/local/share/doc/clamav/html/node1.html
extract: /usr/local/share/doc/clamav/html/node10.html
extract: /usr/local/share/doc/clamav/html/node11.html
extract: /usr/local/share/doc/clamav/html/node12.html
extract: /usr/local/share/doc/clamav/html/node13.html
extract: /usr/local/share/doc/clamav/html/node14.html
extract: /usr/local/share/doc/clamav/html/node15.html
extract: /usr/local/share/doc/clamav/html/node16.html
extract: /usr/local/share/doc/clamav/html/node17.html
extract: /usr/local/share/doc/clamav/html/node18.html
extract: /usr/local/share/doc/clamav/html/node19.html
extract: /usr/local/share/doc/clamav/html/node2.html
extract: /usr/local/share/doc/clamav/html/up.png
extract: /usr/local/share/doc/clamav/html/node20.html
extract: /usr/local/share/doc/clamav/html/node21.html
extract: /usr/local/share/doc/clamav/html/node22.html
extract: /usr/local/share/doc/clamav/html/node23.html
extract: /usr/local/share/doc/clamav/html/node24.html
extract: /usr/local/share/doc/clamav/html/node25.html
extract: /usr/local/share/doc/clamav/html/node26.html
extract: /usr/local/share/doc/clamav/html/node27.html
extract: /usr/local/share/doc/clamav/html/node28.html
extract: /usr/local/share/doc/clamav/html/node29.html
extract: /usr/local/share/doc/clamav/html/node3.html
extract: /usr/local/share/doc/clamav/html/node30.html
extract: /usr/local/share/doc/clamav/html/node31.html
extract: /usr/local/share/doc/clamav/html/node32.html
extract: /usr/local/share/doc/clamav/html/node33.html
extract: /usr/local/share/doc/clamav/html/node34.html
extract: /usr/local/share/doc/clamav/html/node35.html
extract: /usr/local/share/doc/clamav/html/node36.html
extract: /usr/local/share/doc/clamav/html/node37.html
extract: /usr/local/share/doc/clamav/html/node38.html
extract: /usr/local/share/doc/clamav/html/node39.html
extract: /usr/local/share/doc/clamav/html/node4.html
extract: /usr/local/share/doc/clamav/html/node40.html
extract: /usr/local/share/doc/clamav/html/node41.html
extract: /usr/local/share/doc/clamav/html/node42.html
extract: /usr/local/share/doc/clamav/html/node43.html
extract: /usr/local/share/doc/clamav/html/node44.html
extract: /usr/local/share/doc/clamav/html/node45.html
extract: /usr/local/share/doc/clamav/html/node46.html
extract: /usr/local/share/doc/clamav/html/node47.html
extract: /usr/local/share/doc/clamav/html/node48.html
extract: /usr/local/share/doc/clamav/html/node49.html
extract: /usr/local/share/doc/clamav/html/node5.html
extract: /usr/local/share/doc/clamav/html/node50.html
extract: /usr/local/share/doc/clamav/html/node51.html
extract: /usr/local/share/doc/clamav/html/node52.html
extract: /usr/local/share/doc/clamav/html/node53.html
extract: /usr/local/share/doc/clamav/html/node54.html
extract: /usr/local/share/doc/clamav/html/node55.html
extract: /usr/local/share/doc/clamav/html/node56.html
extract: /usr/local/share/doc/clamav/html/node57.html
extract: /usr/local/share/doc/clamav/html/node58.html
extract: /usr/local/share/doc/clamav/html/node59.html
extract: /usr/local/share/doc/clamav/html/node6.html
extract: /usr/local/share/doc/clamav/html/node60.html
extract: /usr/local/share/doc/clamav/html/node7.html
extract: /usr/local/share/doc/clamav/html/node8.html
extract: /usr/local/share/doc/clamav/html/node9.html
extract: /usr/local/share/doc/clamav/html/prev.png
extract: /usr/local/share/doc/clamav/html/prev_g.png
extract: /usr/local/share/doc/clamav/html/up_g.png
extract: CWD to /usr/local
extract: /usr/local/etc/rc.d/clamav-clamd
extract: /usr/local/etc/rc.d/clamav-freshclam
extract: CWD to .
Running mtree for clamav-0.95.1..
mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null
Running post-install for clamav-0.95.1..
Attempting to record package into /var/db/pkg/clamav-0.95.1..
Trying to record dependency on package 'unzoo-4.4_2' with 'archivers/unzoo' origin.
Trying to record dependency on package 'lha-1.14i_6' with 'archivers/lha' origin.
Trying to record dependency on package 'arj-3.10.22_1' with 'archivers/arj' origin.
Trying to record dependency on package 'arc-5.21o_1' with 'archivers/arc' origin.
Package clamav-0.95.1 registered in /var/db/pkg/clamav-0.95.1 

All Installed.  Happy.  Embedded versions should add the new “mksymlinks” script to the “System|Advanced|Command scripts” and make it a “PreInit” script:  

     

     

 Update your “clam” database using /usr/local/bin/freshclam and ta-da :)  nice virus scanner.    

 freenas:/mnt/default# /usr/local/bin/freshclam
ClamAV update process started at Wed Dec 16 16:08:26 2009
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.95.1 Recommended version: 0.95.3
DON’T PANIC! Read http://www.clamav.net/support/faq
Downloading main.cvd [100%]
main.cvd updated (version: 51, sigs: 545035, f-level: 42, builder: sven)
Downloading daily.cvd [100%]
daily.cvd updated (version: 10187, sigs: 132586, f-level: 44, builder: arnaud)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 42, recommended = 44
DON’T PANIC! Read http://www.clamav.net/support/faq
Database updated (677621 signatures) from database.clamav.net (IP: 208.70.244.158)
WARNING: Clamd was NOT notified: Can’t connect to clamd through /var/run/clamav/clamd.sock
connect(): No such file or directory    

I ignore all the errors, it’s because FreeBSDs ports are slightly behind the clam source tree.  This isn’t an issue and they’re right “DON’T PANIC!” :)     

You can also see that “clamd” is a “clam daemon”, I won’t be covering this here, but if others ask i’ll do a quick one on that too.     

Now that my clam is installed, I have to create some CRON jobs.     

The first one that I do is the update virus database.  Instead of showing my screenshots, I’ll just tell you the command that I used.     

/usr/local/bin/freshclam

It automatically logs to “/var/log/clam/freshclam.log” so you don’t need to give it any other info.  It’s also worth noting that if the virus database is up to date “freshclam” returns “failure” to cron, and it will look like your cron job failed.  Don’t panic, you can go to /var/db/clamav/ and delete the “cvd” files to force it to refresh.     

Now I add weekly scan jobs to my “home” directories.     

/usr/local/bin/clamscan -ri dir >dir/virusscan.log

I run this one per directory, at staggaring times throughout the day on Sunday.   I tried to make sure that it doesn’t interfere with my backup routines.     

That about covers it.

About these ads

Written by ejes

December 16, 2009 at 12:42 pm

Posted in Hacking, Tutorials

15 Responses

Subscribe to comments with RSS.

  1. Hi,
    I’m using an “embedded” freeNAS, and I would be very interested in knowing how to download/install and set up Clam antivirus. I’m relatively new to command lines and I prefer not to try without being sure it will actually work.
    Thanks

    Lorenzo R.

    January 21, 2010 at 6:36 am

  2. I”ve just finnish building and installing my first ZFS Nas Storage Pool needless to say I’ve lost all my family pics, music, and other things of value stored on the drives moving the drives off ond on till i finally got it to work. I don’t understand Storeman but i think i can do this Virus Protection. I really need it. in your coorespondence talk to me like I’m 2 cause i’m sure there will be questions and i don’t want to seem like a 52 year old idiot.

    Joel S.

    March 13, 2010 at 11:08 am

  3. Looking to hear from you

    Joel S.

    March 13, 2010 at 11:09 am

    • Hi Joel,

      What exactly are you having problems with?

      ejes

      March 17, 2010 at 11:40 am

  4. Nice tutorial, I’ll try it next days…

    claudiuc

    April 16, 2010 at 3:53 pm

  5. Hi, and thanks for taking the time to write your tutorial. It is appreciated!

    I followed your instructions, but when I executed the command to download and install the latest .tbz file, the following error occurred:

    Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/security/clamav-0.95.1.tbz…pkg_add: make_playpen: can’t mktemp ‘/var/tmp/instmp.2BimOT’
    [Astronomer@freenas ~]$ can’t mktemp ‘/var/tmp/instmp.2BimOT’

    Most frustrating as I’m so close…and yet, so far. Also, your instructions assume a higher familiarity with BSD than most might have. I sincerely appreciate your tutorial, but I got lost at

    “Now I have a mess in my directories, but it’s not really a mess, it’s the full distribution of clamav but not in the correct directories. This is easy to fix, we can symbolically link each file to it’s proper place. First i move all directories (not including the package files like +COMMENT +DESC etc.) to my /mnt/default/opt directories:…”

    I admit that I’m puzzled at this point. My OS familiarity as an It professional is with Windows XP/Vista/7 and Linux (Ubuntu/Debian, Fedora, SUSE, Puppy, Yellow Dog), in that order. Can you suggest where I might be having issues, or a site for further information? I’m quite eager to understand what’s causing the issue that I’m seeing and how to resolve it.

    Cheers,

    – Craig

    Craig Levine

    May 23, 2010 at 11:31 pm

    • Hi Craig,

      Apologies for the technicality of the article – I decied to write this blog in an attempt to become “less” technical, or at least be able to communicate effectively to those who are not.

      It looks like you’re trying to write to a read only /tmp directory.
      Try running your “fetch” command within a directory that is not read only (one in a writeable location on your drive)

      I can see how this may be a bit confusing – so let me reword a little

      ejes

      May 25, 2010 at 3:11 pm

  6. You know.. would be wonderful if freenas accepted ‘Modules’ and there were an autoamted way to do this and incorporate it into the web interface.

    HR

    July 9, 2010 at 5:29 pm

  7. Pretty beneficial post. I just stumbled upon your blog and wanted to say that I have incredibly enjoyed reading your blog posts. Any way I will be subscribing for the feed and I hope you write-up once more soon.

  8. I have just started testing the waters beyond the Microsoft world, so I’m a total newbie to FreeNAS and FreeBSD. I have a full installation of FreeNAS (0.7.2 Sabanda (revision 5543)) set up and got through all of the steps to install ClamAV, but now I’m stuck with the following error when I run FreshClam (note, my FreeNAS is called HWW)

    hww:/mnt/Swap# /usr/local/bin/freshclam
    ELF interpreter /libexec/ld-elf.so.1 not found
    Abort
    hww:/mnt/Swap#

    Any suggestions to correct this error (or fix what I’m doing wrong)?

    James

    May 1, 2011 at 9:49 am

  9. Hi, first thx for your work.
    At the moment i´m trying the set up clamav on my embedded install.
    Can youplease describe the part of making the symlink script.

    Thx Alex

    Alex

    October 23, 2011 at 11:06 am

    • Hi Alex,

      Sure, to make the symlink script, first I decompressed the clamav package for FreeBSD to a mounted drive and a directory that I have access to. Then I used the command ‘find .’ to list the files, including directories. From the ‘find’ command you can then add a line to the end and one to the beginning that will do the “symlink” for you. Actually this can be completed in one command like this:

      find . -exec echo ln -sf {} /usr/local/{} \;

      this will echo out the lines you need for you symlink script, from here you can use the redirector “>” to put it into a file, then change the first line to “#!/bin/sh” and change the attributes to execute. This should create the symlink script for you.

      Good luck.
      -e

      ejes

      October 25, 2011 at 11:09 am

  10. Thanks for finally writing about >Virus Scanning for your FreeNAS
    | ejes consulting <Loved it!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: