Skip to content

Traperto/clamav-rest

Repository files navigation

ClamAV-Rest

Overview

Simple ClamAV REST proxy. Inspired by Solita/clamav-rest, this client adds some more environment configuration.

This source code is build into the docker image jreinartz/clamav-rest.

Your ClamAV-daemon is in the same docker-compose.yml? Or shall the service of the Docker host be used? Change these:

  • HOST or IP
  • PORT of ClamAV-daemon

You want to customize the maximal size of scanable file? This is your parameter:

  • MAX_STREAM_SIZE (in Bytes)

docker-compose.yml with docker image

Simply use the docker-compose.yml of this repository for a working REST-API. It contains the ClamAV server and uses the image jreinartz/clamav-rest.

Run docker compose up to start the service.

Scan any file using curl -F "file=@./eicar.txt" localhost:8080/scan where eicar.txt is the file to be scanned.

The answer will be either Everything ok : false for malicious files or otherwise Everything ok : true.

docker-compose.yml with source

Clone this source code and use the docker-compose.yml of the repository for a working REST-API. It contains the ClamAV server.

version: "3.2"

services:
  clamav:
    build: .
    environment:
      HOST: host.docker.internal
    ports:
      - 5000:80
    extra_hosts:
      - "host.docker.internal:host-gateway"

Run docker compose up to start the service. The existing Dockerfile will be used, to package the source code into a Docker image. Therefore some download traffic will occur.

Scan any file using curl -F "file=@./eicar.txt" localhost:8080/scan where eicar.txt is the file to be scanned.

The answer will be either Everything ok : false for malicious files or otherwise Everything ok : true.

Accessing the host ClamAV

Tested on Ubuntu 20.04

With this docker-compose.yml the service will access the host daemon.

version: "3.2"

services:
  clamav:
    image: jreinartz/clamav-rest
    environment:
      HOST: host.docker.internal
    ports:
      - 5000:80
    extra_hosts:
      - "host.docker.internal:host-gateway"

There are some actions, that may be required (THESE CHANGES MAY LEAD TO A DEFECTIVE SYSTEM. DO ONLYPERFORM CHANGES, IF YOU KNOW WHAT YOU ARE DOING!):

  1. The clamd.conf must be changed, so that the service will listen to TCP and not the socket. This command may help you sudo dpkg-reconfigure clamav-daemon
  2. If a firewall is present (e.g. ufw), it must allow traffic from Docker container to the host port. Example for opening the firewall wide (what you surely do not want) for all possible docker IPs sudo ufw allow in from 172.0.0.0/8

Hint to the file size

As you can see, this code supports the configuration of a maximal file size for scanned files. Make sure, that the ClamAV service also supports this file size. Otherwise, an error will occur.

How set the file size for ClamAV?

  1. If using the host service, simply change the /etc/clamav/clamd.conf to the wished file size. This should be the corresponding settings: MaxScanSize, MaxFileSize, PCREMaxFileSize, StreamMaxLength
  2. If using the dockerized ClamAV image, you want to overwrite the conf using a volume link to a more fitting clamd.conf
    …
    volumes:
      - ./clamd.conf:/etc/clamav/clamd.conf
    …

Thanks

Thanks to Solita for the inspiration.

Contact

Contact us via traperto.com.

About

Dockerized Rest API for sending files to ClamAV

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published