aboutsummaryrefslogtreecommitdiffstats
path: root/config/havp
diff options
context:
space:
mode:
authormdima <michele@nt2.it>2012-03-16 11:46:23 -0700
committermdima <michele@nt2.it>2012-03-16 11:46:23 -0700
commit6501e66520c2fa93b3ade4e6d55da86c935754ad (patch)
treee69b1d6609f807bc7d52677236793193814d66cd /config/havp
parent49cb616c328a913009049c28e400d7dfc9cdd8b3 (diff)
parent870ac0b6796f382ed52faa6c9eb026fc58720320 (diff)
downloadpfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.gz
pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.bz2
pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.zip
Merge pull request #226 from mdima/master
Added the option to enable/disable "Heuristics.Broken.Executable" scan.
Diffstat (limited to 'config/havp')
-rw-r--r--config/havp/havp.inc8
-rw-r--r--config/havp/havp.xml7
2 files changed, 14 insertions, 1 deletions
diff --git a/config/havp/havp.inc b/config/havp/havp.inc
index 9d1e4501..7b4f08a5 100644
--- a/config/havp/havp.inc
+++ b/config/havp/havp.inc
@@ -160,6 +160,7 @@ define('F_SCANIMG', 'scanimg');
define('F_SCANARC', 'scanarc');
define('F_SCANSTREAM', 'scanstream');
define('F_SCANARCMAXSIZE', 'scanarcmaxsize');
+define('F_SCANBROKENEXE', 'scanbrokenexe');
# antivirus options
define('F_HAVPUPDATE', 'havpavupdate');
define('F_DBREGION', 'dbregion');
@@ -539,6 +540,7 @@ function havp_convert_pfxml_xml()
$havp_config[F_SCANIMG] = ( $pfconf[F_SCANIMG] === 'on' ? 'true' : 'false' );
$havp_config[F_SCANARC] = ( $pfconf[F_SCANARC] === 'on' ? 'true' : 'false' );
$havp_config[F_SCANSTREAM] = ( $pfconf[F_SCANSTREAM] === 'on' ? 'true' : 'false' );
+ $havp_config[F_SCANBROKENEXE] = ( $pfconf[F_SCANBROKENEXE] === 'on' ? 'true' : 'false' );
$havp_config[F_SCANARCMAXSIZE] = ( is_numeric($pfconf[F_SCANARCMAXSIZE]) ? $pfconf[F_SCANARCMAXSIZE] : HVDEF_MAXARCSCANSIZE );
# log
$havp_config[F_SYSLOG] = ( $pfconf[F_SYSLOG] === 'on' ? 'true' : 'false' );
@@ -751,9 +753,13 @@ function havp_config_clam()
$conf[] = "DetectPUA no"; # possible unwanted applications
$conf[] = "AlgorithmicDetection yes";
$conf[] = "# executable";
+ if ($havp_config[F_SCANBROKENEXE] === 'true')
+ {$conf[] = "DetectBrokenExecutables yes";}
+ else
+ {$conf[] = "DetectBrokenExecutables no";}
+ #
$conf[] = "ScanPE yes";
$conf[] = "ScanELF yes";
- $conf[] = "DetectBrokenExecutables yes";
$conf[] = "# documents";
$conf[] = "ScanOLE2 yes";
$conf[] = "ScanPDF yes";
diff --git a/config/havp/havp.xml b/config/havp/havp.xml
index c7841956..27f1866f 100644
--- a/config/havp/havp.xml
+++ b/config/havp/havp.xml
@@ -267,6 +267,13 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Scan Broken Executables</fielddescr>
+ <fieldname>scanbrokenexe</fieldname>
+ <description>Check this to enable the Heuristic Broken Executable scan.</description>
+ <type>checkbox</type>
+ <default_value>on</default_value>
+ </field>
+ <field>
<fielddescr>Log</fielddescr>
<fieldname>log</fieldname>
<description>Check this for enable log.</description>