ghostwolf59
Hi,
I just installed ClamAV in its own jail (pretty much following https://www.ixsystems.com/community/resources/how-to-install-clamav-on-freenas-v11.66/ but on a FreeNAS 11.3 installation).
All works, but nominating large volumes to scan takes forever (manually kicked off one of my cron jobs scanning one of my targets, about 200GB of data stored, today and 8 hours later it's still running). That doesn't come across as right.
I also noticed some memory issues spat back from clamscan (old box with only 8GB RAM installed).
Would have thought a simple scan of data should be pretty quick as well as not too memory hungry.
The script kicking off the scan executes this to perform the scan on my target (parameter based):
Code:
clamscan -i -r -l /var/log/clamav/clamscan.log "${scanlocation}"
Running the same cron and scripts runs fine on smaller targets, but pointing to a large pool containing a fair amount of data it seems to struggle.
Anyone with suggestions, please let me know.
The complete scripts I run are these:
NOTE!!! I updated these scripts to allow for concurrent processes (so if one cron job scheduled to run clashes with the current job, it will work for both).
Also only update the virus db once every 24 hour cycle (or when it's missing).
No real need to update the virus db for every run ;)
Final tweak was to mod the script to handle folder names containing spaces when passing in the target path as a parameter (the entire parameter needs to be surrounded by quotes though, i.e. "").
run_clamav_scan.sh:
Code:
#!/bin/sh
### Execute a shell script on the ClamAV jail, which updates the Anti-Virus definitions and then runs a scan ###
## iocage = FreeNAS v11.1 and above (yes FreeNAS v11.1 supports both warden and iocage [via CLI]) ##

## Define the location where the "avscan.sh" shell script is located on the jail:
scriptlocation="/script/"

# Grab the pid of this process; it is passed to avscan.sh so each run gets its own log and email files
pid=$$
#echo "pid id ${pid}"

# Grab target directory parameter (all arguments joined into one string)
scantarget="$*"

## Execute the script passing pid and target path ##
iocage exec clamav "${scriptlocation}avscan.sh" "${pid}" "${scantarget}"

## email the log ##
sendmail -t < /mnt/JailSSD/iocage/jails/clamav/root/tmp/clamavemail${pid}.tmp

## Delete the log file ##
rm /mnt/JailSSD/iocage/jails/clamav/root/tmp/clamavemail${pid}.tmp
avscan.sh:
Code:
#!/bin/sh
### Notes ###
## Shell scripts to update the ClamAV definitions, then run a scan and prepare an email template ##
## This script is called from a master script running as a cron job on the FreeNAS server ##
## Master script is: run_clamav_scan.sh ##
##
## Instructions: ##
## 1) To use this you need to create a Jail called "ClamAV" ##
## 2) Open a Shell to the jail and then run: "pkg update" ##
## 3) Then run: "pkg install clamav" ##
## 4) You can then "exit" the Jail ##
## 5) Add the windows shares you wish to scan by using the Jail Add Storage feature ##
## 5a) Add the shares to same location you use in the variable: "scanlocation" ##
## 6) Set up a cronjob on the FreeNAS server to run a shell script on the FreeNAS server: "run_clamav_scan.sh" ##
## 7) The shell script "run_clamav_scan.sh" then connects to the Jail and runs this script. ##
## 8) Once finished, the "run_clamav_scan.sh" script emails a log to the email entered in the variable: "to_email" ##
##
## https://www.clamav.net/ ##
## ClamAV® is an open source (GPL) anti-virus engine used in a variety of situations including email scanning, web scanning, ##
## and end point security. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command ##
## line scanner and an advanced tool for automatic database updates. ##

pid=${1}
#echo "pid argument ${pid}"
targetdir=${2}
#targetdir=${@}
#echo "targetdir ${targetdir}"

## Top directory of the files/directories you wish to scan, i.e. the "Jail Add Storage" locations ##
scanlocation="/scantarget/${targetdir}"

### Parameters ###
## email address ##
to_email="your_email@address"
NOW=$(date "+%Y%m%d")

### Only update anti-virus definitions once per day, identified by date ###
## Look for an existing freshclam log for today's date - if found, skip updating the virus definitions
## If NOT found, clean up any old freshclam-*.log files stored on the system and re-create it along with fresh virus definitions
file="/var/log/clamav/freshclam-${NOW}.log"
if [ ! -f "$file" ]
then
    echo "$0: File '${file}' not found."
    ## Clean up old clam files and create a fresh up to date version
    f=0
    for oldlog in /var/log/clamav/freshclam*.log
    do
        if [ -f "$oldlog" ]
        then
            rm -f "$oldlog"
            f=$((f + 1))   # POSIX arithmetic; ((f++)) is not valid in /bin/sh
        fi
    done
    echo "number of files removed: $f"
    echo "creating a new freshclam"
    freshclam -l "/var/log/clamav/freshclam-${NOW}.log"
fi
#freshclam -l /var/log/clamav/freshclam${pid}.log
### End ###

echo "scan starting targetting ${scanlocation}"

### Run the anti-virus scan uniquely identified by pid ###
started=$(date "+ClamAV Scan started at: %Y-%m-%d %H:%M:%S")
clamscan -i -r -l /var/log/clamav/clamscan${pid}.log "${scanlocation}"
finished=$(date "+ClamAV Scan finished at: %Y-%m-%d %H:%M:%S")
### End ###

### prepare the email - pid makes the file unique ###
## Set email headers ##
(
    echo "To: ${to_email}"
    echo "Subject: ${started}"
    echo "MIME-Version: 1.0"
    # echo "Content-Type: text/html" ## does not work with 11.3 for now
    echo -e "\\r\\n"
) >> /tmp/clamavemail${pid}.tmp

## Set email body ##
(
    echo "<pre style=\"font-size:14px\">"
    echo ""
    echo "scantarget ${scanlocation}"
    echo ""
    echo "${started}"
    echo ""
    echo "${finished}"
    echo ""
    echo "--------------------------------------"
    echo "ClamAV Scan Summary pid ${pid}"
    echo "--------------------------------------"
    tail -n 8 /var/log/clamav/clamscan${pid}.log
    echo ""
    echo ""
    echo "--------------------------------------"
    echo "freshclam log file"
    echo "--------------------------------------"
    tail -n +2 /var/log/clamav/freshclam-${NOW}.log
    echo ""
    echo ""
    echo "--------------------------------------"
    echo "clamav log file"
    echo "--------------------------------------"
    # Skip the 3-line log header, then drop the last 10 lines (the summary already shown above)
    tail -n +4 /var/log/clamav/clamscan${pid}.log | sed -e :a -e '$d;N;2,10ba' -e 'P;D'
    echo "</pre>"
) >> /tmp/clamavemail${pid}.tmp

### Tidy Up ###
## Delete the freshclam log in preparation of a new log ##
#rm /var/log/clamav/freshclam-${NOW}.log
## Not required since the file is created once per day, i.e. no need to refresh the clam virus definitions for every run

## Delete the clamscan log in preparation of a new log ##
rm /var/log/clamav/clamscan${pid}.log
### End ###
parameter controlled scheduled cron task:
Code:
/mnt/JailSSD/apps/clamav/run_clamav_scan.sh "Software/some folder name"
FreeNAS running processes:
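One way to turn the per-run clamscan log that avscan.sh mails out into a verdict for the subject line, as an added example that is not part of the original post. The function names and the sample log are constructed; it assumes the `-i -l` log layout with an `Infected files:` summary line, and reports a log without that line (scan killed, out of memory, or still running) as incomplete rather than clean.

```shell
#!/bin/sh
# Added example (not from the original post): classify a clamscan "-i -l" log.

# Constructed sample log: one detection under a path containing spaces and a
# colon, followed by the summary block that clamscan appends on completion.
sample_log() {
    cat <<'EOF'
/scantarget/Software/some folder name/eicar: test.com: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 1000
Engine version: 0.0.0
Scanned directories: 3
Scanned files: 42
Infected files: 1
Data scanned: 1.00 MB
Data read: 1.00 MB (ratio 1.00:1)
Time: 1.000 sec (0 m 1 s)
EOF
}

# Number from the "Infected files:" summary line; empty if there is no summary.
infected_count() {
    sed -n 's/^Infected files: *\([0-9][0-9]*\)$/\1/p' "$1" | tail -n 1
}

# Path of every detection. Lines read "<path>: <signature> FOUND"; matching
# greedily up to the last ": " keeps spaces and colons inside the path.
infected_paths() {
    sed -n 's/^\(.*\): [^ ][^ ]* FOUND$/\1/p' "$1"
}

# CLEAN, "INFECTED <n>", or INCOMPLETE when the summary never got written.
scan_verdict() {
    count=$(infected_count "$1")
    if [ -z "$count" ]; then
        echo "INCOMPLETE"
    elif [ "$count" -gt 0 ]; then
        echo "INFECTED $count"
    else
        echo "CLEAN"
    fi
}

log=$(mktemp) && sample_log > "$log"
echo "Subject: ClamAV $(scan_verdict "$log")"
infected_paths "$log"
rm -f "$log"
```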