Commit | Line | Data |
---|---|---|
354283bc JB |
1 | ## |
2 | ## Example config file for the Clam AV daemon | |
3 | ## Please read the clamd.conf(5) manual before editing this file. | |
4 | ## | |
5 | ||
6 | ||
7 | # Uncomment this option to enable logging. | |
8 | # LogFile must be writable for the user running daemon. | |
9 | # A full path is required. | |
10 | # Default: disabled | |
11 | LogFile /var/log/clamav/clamd.log | |
12 | ||
13 | # By default the log file is locked for writing - the lock protects against | |
14 | # running clamd multiple times (if want to run another clamd, please | |
15 | # copy the configuration file, change the LogFile variable, and run | |
16 | # the daemon with --config-file option). | |
17 | # This option disables log file locking. | |
18 | # Default: no | |
19 | #LogFileUnlock yes | |
20 | ||
21 | # Maximal size of the log file. | |
22 | # Value of 0 disables the limit. | |
23 | # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) | |
24 | # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size | |
25 | # in bytes just don't use modifiers. | |
26 | # Default: 1M | |
27 | #LogFileMaxSize 2M | |
28 | ||
29 | # Log time with each message. | |
30 | # Default: no | |
31 | LogTime yes | |
32 | ||
33 | # Also log clean files. Useful in debugging but drastically increases the | |
34 | # log size. | |
35 | # Default: no | |
36 | #LogClean yes | |
37 | ||
38 | # Use system logger (can work together with LogFile). | |
39 | # Default: no | |
40 | #LogSyslog yes | |
41 | ||
42 | # Specify the type of syslog messages - please refer to 'man syslog' | |
43 | # for facility names. | |
44 | # Default: LOG_LOCAL6 | |
45 | #LogFacility LOG_MAIL | |
46 | ||
47 | # Enable verbose logging. | |
48 | # Default: no | |
49 | #LogVerbose yes | |
50 | ||
51 | # This option allows you to save a process identifier of the listening | |
52 | # daemon (main thread). | |
53 | # Default: disabled | |
54 | PidFile /var/run/clamav/clamd.pid | |
55 | ||
56 | # Optional path to the global temporary directory. | |
57 | # Default: system specific (usually /tmp or /var/tmp). | |
58 | #TemporaryDirectory /var/tmp | |
59 | ||
60 | # Path to the database directory. | |
61 | # Default: hardcoded (depends on installation options) | |
62 | #DatabaseDirectory /var/lib/clamav | |
63 | ||
64 | # The daemon works in a local OR a network mode. Due to security reasons we | |
65 | # recommend the local mode. | |
66 | ||
67 | # Path to a local socket file the daemon will listen on. | |
68 | # Default: disabled (must be specified by a user) | |
69 | LocalSocket /var/run/clamav/clamd.sock | |
70 | ||
71 | # Remove stale socket after unclean shutdown. | |
72 | # Default: no | |
73 | FixStaleSocket yes | |
74 | ||
75 | # TCP port address. | |
76 | # Default: no | |
77 | #TCPSocket 3310 | |
78 | ||
79 | # TCP address. | |
80 | # By default we bind to INADDR_ANY, probably not wise. | |
81 | # Enable the following to provide some degree of protection | |
82 | # from the outside world. | |
83 | # Default: no | |
84 | #TCPAddr 127.0.0.1 | |
85 | ||
86 | # Maximum length the queue of pending connections may grow to. | |
87 | # Default: 15 | |
88 | #MaxConnectionQueueLength 30 | |
89 | ||
90 | # Clamd uses FTP-like protocol to receive data from remote clients. | |
91 | # If you are using clamav-milter to balance load between remote clamd daemons | |
92 | # on firewall servers you may need to tune the options below. | |
93 | ||
94 | # Close the connection when the data size limit is exceeded. | |
95 | # The value should match your MTA's limit for a maximal attachment size. | |
96 | # Default: 10M | |
97 | #StreamMaxLength 20M | |
98 | ||
99 | # Limit port range. | |
100 | # Default: 1024 | |
101 | #StreamMinPort 30000 | |
102 | # Default: 2048 | |
103 | #StreamMaxPort 32000 | |
104 | ||
105 | # Maximal number of threads running at the same time. | |
106 | # Default: 10 | |
107 | #MaxThreads 20 | |
108 | ||
109 | # Waiting for data from a client socket will timeout after this time (seconds). | |
110 | # Value of 0 disables the timeout. | |
111 | # Default: 120 | |
112 | #ReadTimeout 300 | |
113 | ||
114 | # Waiting for a new job will timeout after this time (seconds). | |
115 | # Default: 30 | |
116 | #IdleTimeout 60 | |
117 | ||
118 | # Maximal depth directories are scanned at. | |
119 | # Default: 15 | |
120 | #MaxDirectoryRecursion 20 | |
121 | ||
122 | # Follow directory symlinks. | |
123 | # Default: no | |
124 | #FollowDirectorySymlinks yes | |
125 | ||
126 | # Follow regular file symlinks. | |
127 | # Default: no | |
128 | #FollowFileSymlinks yes | |
129 | ||
130 | # Perform internal sanity check (database integrity and freshness). | |
131 | # Default: 1800 (30 min) | |
132 | #SelfCheck 600 | |
133 | ||
134 | # Execute a command when virus is found. In the command string %v will | |
135 | # be replaced by a virus name. | |
136 | # Default: no | |
137 | #VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" | |
138 | ||
139 | # Run as a selected user (clamd must be started by root). | |
140 | # Default: don't drop privileges | |
141 | User clamav | |
142 | ||
143 | # Initialize supplementary group access (clamd must be started by root). | |
144 | # Default: no | |
145 | #AllowSupplementaryGroups no | |
146 | ||
147 | # Stop daemon when libclamav reports out of memory condition. | |
148 | #ExitOnOOM yes | |
149 | ||
150 | # Don't fork into background. | |
151 | # Default: no | |
152 | #Foreground yes | |
153 | ||
154 | # Enable debug messages in libclamav. | |
155 | # Default: no | |
156 | #Debug yes | |
157 | ||
158 | # Do not remove temporary files (for debug purposes). | |
159 | # Default: no | |
160 | #LeaveTemporaryFiles yes | |
161 | ||
162 | # In some cases (eg. complex malware, exploits in graphic files, and others), | |
163 | # ClamAV uses special algorithms to provide accurate detection. This option | |
164 | # controls the algorithmic detection. | |
165 | # Default: yes | |
166 | #AlgorithmicDetection yes | |
167 | ||
168 | ## | |
169 | ## Executable files | |
170 | ## | |
171 | ||
172 | # PE stands for Portable Executable - it's an executable file format used | |
173 | # in all 32-bit versions of Windows operating systems. This option allows | |
174 | # ClamAV to perform a deeper analysis of executable files and it's also | |
175 | # required for decompression of popular executable packers such as UPX, FSG, | |
176 | # and Petite. | |
177 | # Default: yes | |
178 | #ScanPE yes | |
179 | ||
180 | # With this option clamav will try to detect broken executables and mark | |
181 | # them as Broken.Executable | |
182 | # Default: no | |
183 | #DetectBrokenExecutables yes | |
184 | ||
185 | ||
186 | ## | |
187 | ## Documents | |
188 | ## | |
189 | ||
190 | # This option enables scanning of Microsoft Office document macros. | |
191 | # Default: yes | |
192 | #ScanOLE2 yes | |
193 | ||
194 | ## | |
195 | ## Mail files | |
196 | ## | |
197 | ||
198 | # Enable internal e-mail scanner. | |
199 | # Default: yes | |
200 | #ScanMail yes | |
201 | ||
202 | # If an email contains URLs ClamAV can download and scan them. | |
203 | # WARNING: This option may open your system to a DoS attack. | |
204 | # Never use it on loaded servers. | |
205 | # Default: no | |
206 | #MailFollowURLs no | |
207 | ||
208 | # With this option enabled ClamAV will try to detect phishing attempts (using signatures). | |
209 | # Default: yes | |
210 | #DetectPhishing yes | |
211 | ||
212 | # Use phishing detection for all domains (not just those listed in the .pdb database). | |
213 | # It is not recommended to turn this option on, it is mean for internal use. | |
214 | # (available in experimental builds only) | |
215 | # Default: no | |
216 | #PhishingStrictURLCheck no | |
217 | ||
218 | # Scan urls found in mails for phishing attempts. | |
219 | # (available in experimental builds only) | |
220 | # Default: yes | |
221 | #PhishingScanURLs yes | |
222 | ||
223 | ## | |
224 | ## HTML | |
225 | ## | |
226 | ||
227 | # Perform HTML normalisation and decryption of MS Script Encoder code. | |
228 | # Default: yes | |
229 | #ScanHTML yes | |
230 | ||
231 | ||
232 | ## | |
233 | ## Archives | |
234 | ## | |
235 | ||
236 | # ClamAV can scan within archives and compressed files. | |
237 | # Default: yes | |
238 | #ScanArchive yes | |
239 | ||
240 | # The options below protect your system against Denial of Service attacks | |
241 | # using archive bombs. | |
242 | ||
243 | # Files in archives larger than this limit won't be scanned. | |
244 | # Value of 0 disables the limit. | |
245 | # Default: 10M | |
246 | #ArchiveMaxFileSize 15M | |
247 | ||
248 | # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR | |
249 | # file, all files within it will also be scanned. This options specifies how | |
250 | # deep the process should be continued. | |
251 | # Value of 0 disables the limit. | |
252 | # Default: 8 | |
253 | #ArchiveMaxRecursion 10 | |
254 | ||
255 | # Number of files to be scanned within an archive. | |
256 | # Value of 0 disables the limit. | |
257 | # Default: 1000 | |
258 | #ArchiveMaxFiles 1500 | |
259 | ||
260 | # If a file in an archive is compressed more than ArchiveMaxCompressionRatio | |
261 | # times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip) | |
262 | # Value of 0 disables the limit. | |
263 | # Default: 250 | |
264 | #ArchiveMaxCompressionRatio 300 | |
265 | ||
266 | # Use slower but memory efficient decompression algorithm. | |
267 | # only affects the bzip2 decompressor. | |
268 | # Default: no | |
269 | #ArchiveLimitMemoryUsage yes | |
270 | ||
271 | # Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). | |
272 | # Default: no | |
273 | #ArchiveBlockEncrypted no | |
274 | ||
275 | # Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit) | |
276 | # if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is | |
277 | # reached. | |
278 | # Default: no | |
279 | #ArchiveBlockMax no | |
280 | ||
281 | # Enable support for Sensory Networks' NodalCore hardware accelerator. | |
282 | # Default: no | |
283 | #NodalCoreAcceleration yes | |
284 | ||
285 | ||
286 | ## | |
287 | ## Clamuko settings | |
288 | ## WARNING: This is experimental software. It is very likely it will hang | |
289 | ## up your system!!! | |
290 | ## | |
291 | ||
292 | # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running. | |
293 | # Default: no | |
294 | #ClamukoScanOnAccess yes | |
295 | ||
296 | # Set access mask for Clamuko. | |
297 | # Default: no | |
298 | #ClamukoScanOnOpen yes | |
299 | #ClamukoScanOnClose yes | |
300 | #ClamukoScanOnExec yes | |
301 | ||
302 | # Set the include paths (all files in them will be scanned). You can have | |
303 | # multiple ClamukoIncludePath directives but each directory must be added | |
304 | # in a seperate line. | |
305 | # Default: disabled | |
306 | #ClamukoIncludePath /home | |
307 | #ClamukoIncludePath /students | |
308 | ||
309 | # Set the exclude paths. All subdirectories are also excluded. | |
310 | # Default: disabled | |
311 | #ClamukoExcludePath /home/bofh | |
312 | ||
313 | # Don't scan files larger than ClamukoMaxFileSize | |
314 | # Value of 0 disables the limit. | |
315 | # Default: 5M | |
316 | #ClamukoMaxFileSize 10M |