Merge pull request #226 from mdima/master

Added the option to enable/disable "Heuristics.Broken.Executable" scan.
author: mdima <michele@nt2.it> 2012-03-16 11:46:23 -0700
committer: mdima <michele@nt2.it> 2012-03-16 11:46:23 -0700
commit: 6501e66520c2fa93b3ade4e6d55da86c935754ad (patch)
tree: e69b1d6609f807bc7d52677236793193814d66cd /config
parent: 49cb616c328a913009049c28e400d7dfc9cdd8b3 (diff)
parent: 870ac0b6796f382ed52faa6c9eb026fc58720320 (diff)
download: pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.gz
pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.bz2
pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.zip
2 files changed, 14 insertions, 1 deletions
diff --git a/config/havp/havp.inc b/config/havp/havp.inc
index 9d1e4501..7b4f08a5 100644
--- a/config/havp/havp.inc
+++ b/config/havp/havp.inc
@@ -160,6 +160,7 @@ define('F_SCANIMG',             'scanimg');
 define('F_SCANARC',             'scanarc');
 define('F_SCANSTREAM',          'scanstream');
 define('F_SCANARCMAXSIZE',      'scanarcmaxsize');
+define('F_SCANBROKENEXE',       'scanbrokenexe');
 # antivirus options
 define('F_HAVPUPDATE',        'havpavupdate');
 define('F_DBREGION',          'dbregion');
@@ -539,6 +540,7 @@ function havp_convert_pfxml_xml()
     $havp_config[F_SCANIMG]         = ( $pfconf[F_SCANIMG]    === 'on' ? 'true' : 'false' );
     $havp_config[F_SCANARC]         = ( $pfconf[F_SCANARC]    === 'on' ? 'true' : 'false' );
     $havp_config[F_SCANSTREAM]      = ( $pfconf[F_SCANSTREAM] === 'on' ? 'true' : 'false' );
+	$havp_config[F_SCANBROKENEXE]   = ( $pfconf[F_SCANBROKENEXE] === 'on' ? 'true' : 'false' );
     $havp_config[F_SCANARCMAXSIZE]  = ( is_numeric($pfconf[F_SCANARCMAXSIZE]) ? $pfconf[F_SCANARCMAXSIZE] : HVDEF_MAXARCSCANSIZE );
     # log
     $havp_config[F_SYSLOG]          = ( $pfconf[F_SYSLOG]      === 'on' ? 'true' : 'false' );
@@ -751,9 +753,13 @@ function havp_config_clam()
     $conf[] = "DetectPUA                 no";    # possible unwanted applications
     $conf[] = "AlgorithmicDetection      yes";
     $conf[] = "# executable";
+	if ($havp_config[F_SCANBROKENEXE] === 'true')
+	{$conf[] = "DetectBrokenExecutables   yes";}
+	else
+	{$conf[] = "DetectBrokenExecutables   no";}	
+	#
     $conf[] = "ScanPE                    yes";
     $conf[] = "ScanELF                   yes";
-    $conf[] = "DetectBrokenExecutables   yes";
     $conf[] = "# documents";
     $conf[] = "ScanOLE2                  yes";
     $conf[] = "ScanPDF                   yes";
diff --git a/config/havp/havp.xml b/config/havp/havp.xml
index c7841956..27f1866f 100644
--- a/config/havp/havp.xml
+++ b/config/havp/havp.xml
@@ -267,6 +267,13 @@
                         <type>checkbox</type>
                 </field>
                 <field>
+                        <fielddescr>Scan Broken Executables</fielddescr>
+                        <fieldname>scanbrokenexe</fieldname>
+                        <description>Check this to enable the Heuristic Broken Executable scan.</description>
+                        <type>checkbox</type>
+						<default_value>on</default_value>
+                </field>				
+                <field>
                         <fielddescr>Log</fielddescr>
                         <fieldname>log</fieldname>
                         <description>Check this for enable log.</description>
author	mdima <michele@nt2.it>	2012-03-16 11:46:23 -0700
committer	mdima <michele@nt2.it>	2012-03-16 11:46:23 -0700
commit	6501e66520c2fa93b3ade4e6d55da86c935754ad (patch)
tree	e69b1d6609f807bc7d52677236793193814d66cd /config
parent	49cb616c328a913009049c28e400d7dfc9cdd8b3 (diff)
parent	870ac0b6796f382ed52faa6c9eb026fc58720320 (diff)
download	pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.gz pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.tar.bz2 pfsense-packages-6501e66520c2fa93b3ade4e6d55da86c935754ad.zip