Awesome
Simple ClamAV REST proxy. Builds on top of clamav-java which is a minimal Java client for ClamAV.
This is a component of the mojfile-uploader project.
This project depends on moj-clamav-daemon
Build
docker build -t clamav-rest .
Run
docker run -d -p 3310:3310 --name clamd clamav # <-- https://github.com/ministryofjustice/moj-clamav-daemon
docker run -d -p 8080:8080 --link clamd:clamd --name clamav-rest -e HOST=clamd -e PORT=3310 clamav-rest
Test
Allow some time for the clamav-rest container to finish starting up, then;
cd test
./test.sh
Push to MoJ repository
Adjust version number, as appropriate
docker tag clamav-rest registry.service.dsd.io/ministryofjustice/clamav-rest:0.1.0
docker push registry.service.dsd.io/ministryofjustice/clamav-rest:0.1.0
What is it?
The big picture
This is an example for the deployment. You could omit the log server, it's completely optional.
For more general information, see also our blog post.
The technical details
This is a REST proxy server with support for basic INSTREAM scanning and PING command.
Clamd protocol is explained here: http://linux.die.net/man/8/clamd
Clamd protocol contains command such as shutdown so exposing clamd directly to external services is not a feasible option. Accessing clamd directly is fine if you are running single application and it's on the localhost.
An example to build on
This is is mainly an example, not a serious production ready server. You can customize this for your specific needs. Or rewrite it using something other than Spring Boot if you wish.
Usage
You have two options. You can use Docker and run a Docker image to test it. The Docker image is based on the supplied Dockerfile specification.
Or you can build the JAR. This creates a stand-alone JAR with embedded Jetty serlet container.
mvn package
Starting the REST service is quite straightforward.
java -jar clamav-rest-1.0.0.jar --server.port=8765 --clamd.host=myprecious.clamd.serv.er --clamd.port=3310
Setting up local clamd virtual server
By default clamd is assumed to respond in a local virtual machine. Setting it up is explained in ClamAV client repository. Or you can use a clamd Docker image.
Testing the REST service
You can use curl as it's REST. Here's an example test session:
curl localhost:8080
Clamd responding: true
curl -F "name=blabla" -F "file=@./eicar.txt" localhost:8080/scan
Everything ok : false
EICAR is a test file which is recognized as a virus by scanners even though it's not really a virus. Read more EICAR information here.
License
Copyright © 2014 Solita
Distributed under the GNU Lesser General Public License, either version 2.1 of the License, or (at your option) any later version.