# If running clamd in "LocalSocket" mode (*NOT* in TCP/IP mode), and # either "SOcket Cat" (socat) or the "IO::Socket::UNIX" perl module # are installed on the system, and you want to report whether clamd # is running or not, uncomment the "clamd_socket" variable below (you # will be warned if neither socat nor IO::Socket::UNIX are found, but # the script will still run). You will also need to set the correct # path to your clamd socket file (if unsure of the path, check the # "LocalSocket" setting in your clamd.conf file for socket location). clamd_socket="/run/clamav/clamd.ctl" # If you would like to attempt to restart ClamD if detected not running, # uncomment the next 2 lines. Confirm the path to the "clamd_lock" file # (usually can be found in the clamd init script) and also enter the clamd # start command for your particular distro for the "start_clamd" variable # (the sample start command shown below should work for most linux distros). # NOTE: these 2 variables are dependant on the "clamd_socket" variable # shown above - if not enabled, then the following 2 variables will be # ignored, whether enabled or not. clamd_lock="/run/clamav/clamd.pid" start_clamd="clamdscan --reload" ss_dbs=" junk.ndb phish.ndb rogue.hdb sanesecurity.ftm scam.ndb sigwhitelist.ign2 spamattach.hdb spamimg.hdb winnow.attachments.hdb winnow_bad_cw.hdb winnow_extended_malware.hdb winnow_malware.hdb winnow_malware_links.ndb malwarehash.hsb doppelstern.hdb bofhland_cracked_URL.ndb bofhland_malware_attach.hdb bofhland_malware_URL.ndb bofhland_phishing_URL.ndb crdfam.clamav.hdb phishtank.ndb porcupine.ndb spear.ndb spearl.ndb " # ======================== # SecuriteInfo Database(s) # ======================== # Add or remove database file names between quote marks as needed. To # disable any SecuriteInfo database downloads, remove the appropriate # lines below. To disable all SecuriteInfo database file downloads, # comment all of the following lines. si_dbs="" mbl_dbs=""