diff options
author | mdima <michele@nt2.it> | 2012-03-16 11:46:23 -0700 |
---|---|---|
committer | mdima <michele@nt2.it> | 2012-03-16 11:46:23 -0700 |
commit | 6501e66520c2fa93b3ade4e6d55da86c935754ad (patch) | |
tree | e69b1d6609f807bc7d52677236793193814d66cd /config/havp | |
parent | 49cb616c328a913009049c28e400d7dfc9cdd8b3 (diff) | |
parent | 870ac0b6796f382ed52faa6c9eb026fc58720320 (diff) | |
download | pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.gz pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.bz2 pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.zip |
Merge pull request #226 from mdima/master
Added the option to enable/disable "Heuristics.Broken.Executable" scan.
Diffstat (limited to 'config/havp')
-rw-r--r-- | config/havp/havp.inc | 8 | ||||
-rw-r--r-- | config/havp/havp.xml | 7 |
2 files changed, 14 insertions, 1 deletions
diff --git a/config/havp/havp.inc b/config/havp/havp.inc index 9d1e4501..7b4f08a5 100644 --- a/config/havp/havp.inc +++ b/config/havp/havp.inc @@ -160,6 +160,7 @@ define('F_SCANIMG', 'scanimg'); define('F_SCANARC', 'scanarc'); define('F_SCANSTREAM', 'scanstream'); define('F_SCANARCMAXSIZE', 'scanarcmaxsize'); +define('F_SCANBROKENEXE', 'scanbrokenexe'); # antivirus options define('F_HAVPUPDATE', 'havpavupdate'); define('F_DBREGION', 'dbregion'); @@ -539,6 +540,7 @@ function havp_convert_pfxml_xml() $havp_config[F_SCANIMG] = ( $pfconf[F_SCANIMG] === 'on' ? 'true' : 'false' ); $havp_config[F_SCANARC] = ( $pfconf[F_SCANARC] === 'on' ? 'true' : 'false' ); $havp_config[F_SCANSTREAM] = ( $pfconf[F_SCANSTREAM] === 'on' ? 'true' : 'false' ); + $havp_config[F_SCANBROKENEXE] = ( $pfconf[F_SCANBROKENEXE] === 'on' ? 'true' : 'false' ); $havp_config[F_SCANARCMAXSIZE] = ( is_numeric($pfconf[F_SCANARCMAXSIZE]) ? $pfconf[F_SCANARCMAXSIZE] : HVDEF_MAXARCSCANSIZE ); # log $havp_config[F_SYSLOG] = ( $pfconf[F_SYSLOG] === 'on' ? 'true' : 'false' ); @@ -751,9 +753,13 @@ function havp_config_clam() $conf[] = "DetectPUA no"; # possible unwanted applications $conf[] = "AlgorithmicDetection yes"; $conf[] = "# executable"; + if ($havp_config[F_SCANBROKENEXE] === 'true') + {$conf[] = "DetectBrokenExecutables yes";} + else + {$conf[] = "DetectBrokenExecutables no";} + # $conf[] = "ScanPE yes"; $conf[] = "ScanELF yes"; - $conf[] = "DetectBrokenExecutables yes"; $conf[] = "# documents"; $conf[] = "ScanOLE2 yes"; $conf[] = "ScanPDF yes"; diff --git a/config/havp/havp.xml b/config/havp/havp.xml index c7841956..27f1866f 100644 --- a/config/havp/havp.xml +++ b/config/havp/havp.xml @@ -267,6 +267,13 @@ <type>checkbox</type> </field> <field> + <fielddescr>Scan Broken Executables</fielddescr> + <fieldname>scanbrokenexe</fieldname> + <description>Check this to enable the Heuristic Broken Executable scan.</description> + <type>checkbox</type> + <default_value>on</default_value> + </field> + <field> <fielddescr>Log</fielddescr> <fieldname>log</fieldname> <description>Check this for enable log.</description> |