| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317 |
- ##
- ## Example config file for the Clam AV daemon
- ## Please read the clamd.conf(5) manual before editing this file.
- ##
- # Uncomment this option to enable logging.
- # LogFile must be writable for the user running daemon.
- # A full path is required.
- # Default: disabled
- LogFile /var/log/clamav/clamd.log
- # By default the log file is locked for writing - the lock protects against
- # running clamd multiple times (if want to run another clamd, please
- # copy the configuration file, change the LogFile variable, and run
- # the daemon with --config-file option).
- # This option disables log file locking.
- # Default: no
- #LogFileUnlock yes
- # Maximal size of the log file.
- # Value of 0 disables the limit.
- # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
- # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
- # in bytes just don't use modifiers.
- # Default: 1M
- #LogFileMaxSize 2M
- # Log time with each message.
- # Default: no
- LogTime yes
- # Also log clean files. Useful in debugging but drastically increases the
- # log size.
- # Default: no
- #LogClean yes
- # Use system logger (can work together with LogFile).
- # Default: no
- #LogSyslog yes
- # Specify the type of syslog messages - please refer to 'man syslog'
- # for facility names.
- # Default: LOG_LOCAL6
- #LogFacility LOG_MAIL
- # Enable verbose logging.
- # Default: no
- #LogVerbose yes
- # This option allows you to save a process identifier of the listening
- # daemon (main thread).
- # Default: disabled
- PidFile /var/run/clamav/clamd.pid
- # Optional path to the global temporary directory.
- # Default: system specific (usually /tmp or /var/tmp).
- #TemporaryDirectory /var/tmp
- # Path to the database directory.
- # Default: hardcoded (depends on installation options)
- #DatabaseDirectory /var/lib/clamav
- # The daemon works in a local OR a network mode. Due to security reasons we
- # recommend the local mode.
- # Path to a local socket file the daemon will listen on.
- # Default: disabled (must be specified by a user)
- LocalSocket /var/run/clamav/clamd.sock
- # Remove stale socket after unclean shutdown.
- # Default: no
- FixStaleSocket yes
- # TCP port address.
- # Default: no
- #TCPSocket 3310
- # TCP address.
- # By default we bind to INADDR_ANY, probably not wise.
- # Enable the following to provide some degree of protection
- # from the outside world.
- # Default: no
- #TCPAddr 127.0.0.1
- # Maximum length the queue of pending connections may grow to.
- # Default: 15
- #MaxConnectionQueueLength 30
- # Clamd uses FTP-like protocol to receive data from remote clients.
- # If you are using clamav-milter to balance load between remote clamd daemons
- # on firewall servers you may need to tune the options below.
- # Close the connection when the data size limit is exceeded.
- # The value should match your MTA's limit for a maximal attachment size.
- # Default: 10M
- #StreamMaxLength 20M
- # Limit port range.
- # Default: 1024
- #StreamMinPort 30000
- # Default: 2048
- #StreamMaxPort 32000
- # Maximal number of threads running at the same time.
- # Default: 10
- #MaxThreads 20
- # Waiting for data from a client socket will timeout after this time (seconds).
- # Value of 0 disables the timeout.
- # Default: 120
- #ReadTimeout 300
- # Waiting for a new job will timeout after this time (seconds).
- # Default: 30
- #IdleTimeout 60
- # Maximal depth directories are scanned at.
- # Default: 15
- #MaxDirectoryRecursion 20
- # Follow directory symlinks.
- # Default: no
- #FollowDirectorySymlinks yes
- # Follow regular file symlinks.
- # Default: no
- #FollowFileSymlinks yes
- # Perform internal sanity check (database integrity and freshness).
- # Default: 1800 (30 min)
- #SelfCheck 600
- # Execute a command when virus is found. In the command string %v will
- # be replaced by a virus name.
- # Default: no
- #VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
- # Run as a selected user (clamd must be started by root).
- # Default: don't drop privileges
- User clamav
- # Initialize supplementary group access (clamd must be started by root).
- # Default: no
- #AllowSupplementaryGroups no
- # Stop daemon when libclamav reports out of memory condition.
- #ExitOnOOM yes
- # Don't fork into background.
- # Default: no
- #Foreground yes
- # Enable debug messages in libclamav.
- # Default: no
- #Debug yes
- # Do not remove temporary files (for debug purposes).
- # Default: no
- #LeaveTemporaryFiles yes
- # In some cases (eg. complex malware, exploits in graphic files, and others),
- # ClamAV uses special algorithms to provide accurate detection. This option
- # controls the algorithmic detection.
- # Default: yes
- #AlgorithmicDetection yes
- ##
- ## Executable files
- ##
- # PE stands for Portable Executable - it's an executable file format used
- # in all 32-bit versions of Windows operating systems. This option allows
- # ClamAV to perform a deeper analysis of executable files and it's also
- # required for decompression of popular executable packers such as UPX, FSG,
- # and Petite.
- # Default: yes
- #ScanPE yes
- # With this option clamav will try to detect broken executables and mark
- # them as Broken.Executable
- # Default: no
- #DetectBrokenExecutables yes
- ##
- ## Documents
- ##
- # This option enables scanning of Microsoft Office document macros.
- # Default: yes
- #ScanOLE2 yes
- ##
- ## Mail files
- ##
- # Enable internal e-mail scanner.
- # Default: yes
- #ScanMail yes
- # If an email contains URLs ClamAV can download and scan them.
- # WARNING: This option may open your system to a DoS attack.
- # Never use it on loaded servers.
- # Default: no
- #MailFollowURLs no
- # With this option enabled ClamAV will try to detect phishing attempts (using signatures).
- # Default: yes
- #DetectPhishing yes
- # Use phishing detection for all domains (not just those listed in the .pdb database).
- # It is not recommended to turn this option on, it is mean for internal use.
- # (available in experimental builds only)
- # Default: no
- #PhishingStrictURLCheck no
- # Scan urls found in mails for phishing attempts.
- # (available in experimental builds only)
- # Default: yes
- #PhishingScanURLs yes
- ##
- ## HTML
- ##
- # Perform HTML normalisation and decryption of MS Script Encoder code.
- # Default: yes
- #ScanHTML yes
- ##
- ## Archives
- ##
- # ClamAV can scan within archives and compressed files.
- # Default: yes
- #ScanArchive yes
- # The options below protect your system against Denial of Service attacks
- # using archive bombs.
- # Files in archives larger than this limit won't be scanned.
- # Value of 0 disables the limit.
- # Default: 10M
- #ArchiveMaxFileSize 15M
- # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
- # file, all files within it will also be scanned. This options specifies how
- # deep the process should be continued.
- # Value of 0 disables the limit.
- # Default: 8
- #ArchiveMaxRecursion 10
- # Number of files to be scanned within an archive.
- # Value of 0 disables the limit.
- # Default: 1000
- #ArchiveMaxFiles 1500
- # If a file in an archive is compressed more than ArchiveMaxCompressionRatio
- # times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip)
- # Value of 0 disables the limit.
- # Default: 250
- #ArchiveMaxCompressionRatio 300
- # Use slower but memory efficient decompression algorithm.
- # only affects the bzip2 decompressor.
- # Default: no
- #ArchiveLimitMemoryUsage yes
- # Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
- # Default: no
- #ArchiveBlockEncrypted no
- # Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit)
- # if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is
- # reached.
- # Default: no
- #ArchiveBlockMax no
- # Enable support for Sensory Networks' NodalCore hardware accelerator.
- # Default: no
- #NodalCoreAcceleration yes
- ##
- ## Clamuko settings
- ## WARNING: This is experimental software. It is very likely it will hang
- ## up your system!!!
- ##
- # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
- # Default: no
- #ClamukoScanOnAccess yes
- # Set access mask for Clamuko.
- # Default: no
- #ClamukoScanOnOpen yes
- #ClamukoScanOnClose yes
- #ClamukoScanOnExec yes
- # Set the include paths (all files in them will be scanned). You can have
- # multiple ClamukoIncludePath directives but each directory must be added
- # in a seperate line.
- # Default: disabled
- #ClamukoIncludePath /home
- #ClamukoIncludePath /students
- # Set the exclude paths. All subdirectories are also excluded.
- # Default: disabled
- #ClamukoExcludePath /home/bofh
- # Don't scan files larger than ClamukoMaxFileSize
- # Value of 0 disables the limit.
- # Default: 5M
- #ClamukoMaxFileSize 10M
|
