aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorMichele Di Maria <michele@nt2.it>2012-03-16 19:40:04 +0100
committerMichele Di Maria <michele@nt2.it>2012-03-16 19:40:04 +0100
commit870ac0b6796f382ed52faa6c9eb026fc58720320 (patch)
tree92cb4a39ac0ba095058e144c0e3130e1fdf359d2 /config
parentb003bf9e166b04b1f72d43ce84311105b6b3de67 (diff)
downloadpfsense-packages-870ac0b6796f382ed52faa6c9eb026fc58720320.tar.gz
pfsense-packages-870ac0b6796f382ed52faa6c9eb026fc58720320.tar.bz2
pfsense-packages-870ac0b6796f382ed52faa6c9eb026fc58720320.zip
Added the option to enable/disable "Heuristics.Broken.Executable" scan.
See http://forum.pfsense.org/index.php/topic,47271.0.html for more info
Diffstat (limited to 'config')
-rw-r--r--config/havp/havp.inc8
-rw-r--r--config/havp/havp.xml7
2 files changed, 14 insertions, 1 deletions
diff --git a/config/havp/havp.inc b/config/havp/havp.inc
index 9d1e4501..7b4f08a5 100644
--- a/config/havp/havp.inc
+++ b/config/havp/havp.inc
@@ -160,6 +160,7 @@ define('F_SCANIMG', 'scanimg');
define('F_SCANARC', 'scanarc');
define('F_SCANSTREAM', 'scanstream');
define('F_SCANARCMAXSIZE', 'scanarcmaxsize');
+define('F_SCANBROKENEXE', 'scanbrokenexe');
# antivirus options
define('F_HAVPUPDATE', 'havpavupdate');
define('F_DBREGION', 'dbregion');
@@ -539,6 +540,7 @@ function havp_convert_pfxml_xml()
$havp_config[F_SCANIMG] = ( $pfconf[F_SCANIMG] === 'on' ? 'true' : 'false' );
$havp_config[F_SCANARC] = ( $pfconf[F_SCANARC] === 'on' ? 'true' : 'false' );
$havp_config[F_SCANSTREAM] = ( $pfconf[F_SCANSTREAM] === 'on' ? 'true' : 'false' );
+ $havp_config[F_SCANBROKENEXE] = ( $pfconf[F_SCANBROKENEXE] === 'on' ? 'true' : 'false' );
$havp_config[F_SCANARCMAXSIZE] = ( is_numeric($pfconf[F_SCANARCMAXSIZE]) ? $pfconf[F_SCANARCMAXSIZE] : HVDEF_MAXARCSCANSIZE );
# log
$havp_config[F_SYSLOG] = ( $pfconf[F_SYSLOG] === 'on' ? 'true' : 'false' );
@@ -751,9 +753,13 @@ function havp_config_clam()
$conf[] = "DetectPUA no"; # possible unwanted applications
$conf[] = "AlgorithmicDetection yes";
$conf[] = "# executable";
+ if ($havp_config[F_SCANBROKENEXE] === 'true')
+ {$conf[] = "DetectBrokenExecutables yes";}
+ else
+ {$conf[] = "DetectBrokenExecutables no";}
+ #
$conf[] = "ScanPE yes";
$conf[] = "ScanELF yes";
- $conf[] = "DetectBrokenExecutables yes";
$conf[] = "# documents";
$conf[] = "ScanOLE2 yes";
$conf[] = "ScanPDF yes";
diff --git a/config/havp/havp.xml b/config/havp/havp.xml
index c7841956..27f1866f 100644
--- a/config/havp/havp.xml
+++ b/config/havp/havp.xml
@@ -267,6 +267,13 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Scan Broken Executables</fielddescr>
+ <fieldname>scanbrokenexe</fieldname>
+ <description>Check this to enable the Heuristic Broken Executable scan.</description>
+ <type>checkbox</type>
+ <default_value>on</default_value>
+ </field>
+ <field>
<fielddescr>Log</fielddescr>
<fieldname>log</fieldname>
<description>Check this for enable log.</description>