Custom Content Scanners in DansGuardian
I've been playing with DGAV on Linux Mint 9 and from the tests I've conducted discovered it's not that effective at catching drive by downloads, as ClamAV doesn't have quite a lot of the exploits in it's virus database. I'm therefore trying to get Avast! Linux Home Edition working with DansGuardian 184.108.40.206.
I've created a file called "avast.conf" in /etc/dansguardian/contentscanners and modified the contents of the commandlinescan.conf file to suit, but DansGuardian fails to load with the error message:
Unable to load plugin: /etc/dansguardian/contentscanners/avast.conf
cs_plugin_load() returned NULL pointer with config file: /etc/dansguardian/contentscanners/avast.conf
Error loading CS plugins
Error parsing the dansguardian.conf file or other DansGuardian configuration files
I've had a look on Google but couldn't find anything, so does anybody know what I'm doing wrong? If I comment out the line in dansguardian.conf and uncomment the clamAV line, it works fine, so I'm pretty sure the issue is with my config file.
The config file is below:
plugname = 'avast'
# Standard lists of file types & websites not to scan
exceptionvirusmimetypelist = '/etc/dansguardian/lists/contentscanners/exceptionvirusmimetypelist'
exceptionvirusextensionlist = '/etc/dansguardian/lists/contentscanners/exceptionvirusextensionlist'
exceptionvirussitelist = '/etc/dansguardian/lists/contentscanners/exceptionvirussitelist'
exceptionvirusurllist = '/etc/dansguardian/lists/contentscanners/exceptionvirusurllist'
# Program to run & initial arguments - filename for scanning will be appended
progname = '/usr/bin/avast --console'
# At least one of the following three options must be defined!
# They are checked in the following order, with the first match determining
# the scan result:
# virusregexp - regular expression for extracting virus names from
# the scanner's output
# cleancodes - program return code(s), as a comma-separated list, for
# uninfected files
# infectedcodes - program return code(s), as a comma-separated list, for
# infected files
virusregexp = [infected by:([ -/a-zA-Z0-9\.]+)]
# Which submatch of the above contains the virus name? (0 = all matched text)
submatch = 1
#cleancodes = 0
# infectedcodes = 1,2,3
# Default result when none of the other options triggers a match
# Valid values are "infected" and "clean"
defaultresult = infected