anomy-list

• Previous message: Paul D. Leif: "Will purchase equipment coming off lease"
• In reply to: alex morris: "Re: Use of Sophos sweep not working"
• Next in thread: Bjarni R. Einarsson: "Re: Use of Sophos sweep not working"
• Reply: Bjarni R. Einarsson: "Re: Use of Sophos sweep not working"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Hi Alex,

Thanks for your input and your setting and script work perfectly well.
After some trial and error, I found that if we defined file list with 3
potential policies (as in my previous post), it would not work. If I
added another policy such that:
file_list_1_policy = accept:defang:save:save
file_list_1_scanner = 0:1:2,3:/usr/local/bin/sweep.sh %FILENAME

Any comments?

Thanks,
KC Chang

On Sun, 12 Aug 2001, alex morris wrote:

> Hi,
>
> I think you need to enable "extended error codes" from Sophos. I use it
> like this, /usr/local/bin/sweepit.sh
>
> #!/bin/bash
> cd /usr/local/bin
> ./sweep -f -eec -archive -ns $1
>
> with Anomy sanitizer like this,
>
> file_list_1_scanner = 0:20:24,36:/usr/local/bin/sweepit.sh %FILENAME
> file_list_1_policy = accept:defang:save:save
>
> The Sophos documentation says that exit code (errorlevel)
>
> 0 = clean
> 20 = virus detected and succesfuly disinfected
> 24 = virus detected
> 36 = internal sophos error
>
> but you only get these error codes when you use sweep with the '-eec'
> parameter.
>
> regards,
>
> alex
>
>
>
> Chang Kai Cheong wrote:
> >
> > Hi all,
> >
> > I have installed the version 1.4.0 sanitizer and passed all the testcases.
> > However, I found problem when I set up a policy to scan the "executable
> > files" as follows:
> >
> > file_list_1 = (?i)\.(com|exe|cmd|bat|lnk|pif)$
> > file_list_1_policy = accept:save:save
> > file_list_1_scanner = 0:2,3:/usr/local/bin/sweep.sh %FILENAME
> >
> > where the /usr/local/bin/sweep.sh (enclosed below) is a script calling the
> > sophos virus scanner "sweep". It turned out that the a test mail message
> > attaching a sample virus pattern file "EICAR.COM" was not caught by sweep
> > and got sending (accept). However, the script worked just fine when
> > running on a command line with EICAR.COM as the argument (i.e., return 3
> > on exit). I wondered what I have missed.
> >
> > Thanks,
> > KC Chang Tel: +852 2859 7972
> > Computer Officer Fax: +852 2559 7904
> > Computer Centre, HKU Email: 17709@xyz.molar.is
> >
> > == sweep.sh ==
> > #!/bin/ksh
> > [ "$1" = "" ] && exit 21
> > [ -f "$1" ] || exit 20
> > exec /usr/local/bin/sweep -nb -f -all -rec -ss -sc -archive $1 2>&1 >/dev/null
> >
>

• Next message: Bjarni R. Einarsson: "Re: Use of Sophos sweep not working"
• Previous message: Paul D. Leif: "Will purchase equipment coming off lease"
• In reply to: alex morris: "Re: Use of Sophos sweep not working"
• Next in thread: Bjarni R. Einarsson: "Re: Use of Sophos sweep not working"
• Reply: Bjarni R. Einarsson: "Re: Use of Sophos sweep not working"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]