How do I scan a Storage Pool with CLAMAV?

vitorsantoz · Feb 18, 2020

Hi Everyone,
I am using Clamav on FreeNAS and i have a question that i never see anybody responding on internet...
Currently on my work we have a pool named arq01 - Is a windows filesystem.
Also we have a Clamav installed on a jail called clamav.
Basically i need a help with a script that makes Clamav see this arq01 to scan windows files.
Please help me!

Johnny Fartpants · Feb 18, 2020

[HOW TO] Install ClamAV on FreeNAS v11

Note: Best place to get the latest scripts is via GitHub https://github.com/jaburt/ Hi All, I've noticed a few posts about whether you should do an anti-virus scan on you NAS files, and thought I look into seeing how easy/hard it was to do. One...

www.ixsystems.com

vitorsantoz · Feb 18, 2020

Johnny Fartpants said:
[HOW TO] Install ClamAV on FreeNAS v11

Note: Best place to get the latest scripts is via GitHub https://github.com/jaburt/ Hi All, I've noticed a few posts about whether you should do an anti-virus scan on you NAS files, and thought I look into seeing how easy/hard it was to do. One...

www.ixsystems.com

Thanks Johnny, but this post does'nt explain exatcly how we do to scan file pools =(

sretalla · Feb 18, 2020

You need to add the storage mounts to the clamav jail, then clamav can see it.

15. Jails — FreeNAS®11.3-RELEASE User Guide Table of Contents

www.ixsystems.com

vitorsantoz · Feb 18, 2020

Thanks my dr

sretalla said:
You need to add the storage mounts to the clamav jail, then clamav can see it.

15. Jails — FreeNAS®11.3-RELEASE User Guide Table of Contents

www.ixsystems.com

Thanks my friend.
You help me a lot.
There is one more questions, how do i make a scan on this directory?
/mnt/Arq01/iocage/jails/clamav/root/mnt/Arq01 ?

sretalla · Feb 18, 2020

Maybe something like this?

GitHub - jaburt/FreeNAS-Server-ClamAV-Scan: A script to automate (via a cron job) the anti-virus scan of your FreeNAS/TreuNAS shares.

A script to automate (via a cron job) the anti-virus scan of your FreeNAS/TreuNAS shares. - jaburt/FreeNAS-Server-ClamAV-Scan

github.com

Also, from in the jail (iocage console <clamjail>) run clamscan -h

vitorsantoz · Feb 20, 2020

sretalla said:
Maybe something like this?

GitHub - jaburt/FreeNAS-Server-ClamAV-Scan: A script to automate (via a cron job) the anti-virus scan of your FreeNAS/TreuNAS shares.

A script to automate (via a cron job) the anti-virus scan of your FreeNAS/TreuNAS shares. - jaburt/FreeNAS-Server-ClamAV-Scan

github.com

Also, from in the jail (iocage console <clamjail>) run clamscan -h

I Got! Thanks my friend. Problem solved.

RLe · Apr 3, 2020

I can't find the answer, but where do we store the script? Completely clueless as of now.

Somewhere in a self chosen directory of FreeNAS or is it automatically installed via the CLAMAV FreeNAS Plugin? Is it just than a matter of updating the install base of the jail?

sretalla · Apr 3, 2020

RLe said:
Somewhere in a self chosen directory of FreeNAS or is it automatically installed via the CLAMAV FreeNAS Plugin? Is it just than a matter of updating the install base of the jail?

Create the script file in the jail since it needs to run there. It's not part of the jail/plugin, so you need to do it yourself if you want to use it. You can just run clamscan if you don't want the script (it's already in the jail).

vitorsantoz · Apr 3, 2020

RLe said:
I can't find the answer, but where do we store the script? Completely clueless as of now.

Somewhere in a self chosen directory of FreeNAS or is it automatically installed via the CLAMAV FreeNAS Plugin? Is it just than a matter of updating the install base of the jail?

Inside the jail you store a file ".sh" input your command to scan locations and install a cron job to perform this scan.

anodos · Apr 3, 2020

You may want to verify that clamav scans extended attributes. A quick grep through the source doesn't indicate any calls to extattr_list_file(2) and so I assume it probably does not. In this case a malicious actor can simply bypass your AV scanner by writing into a payload into an alternate data stream (although modern Windows clients don't allow executing from an ADS IIRC).

D4R4 · Aug 21, 2023

I have to ask... What happens if I simply install the ClamAV package directly on the TrueNAS (FreeBSD?) OS and set it up manually like any other box? Is it even possible? What are the downsides?

anodos · Aug 21, 2023

D4R4 said:
I have to ask... What happens if I simply install the ClamAV package directly on the TrueNAS (FreeBSD?) OS and set it up manually like any other box? Is it even possible? What are the downsides?

Not supported. Will possibly break base install if you try to force it.

sretalla · Aug 21, 2023

And will disappear on the next appliance upgrade.

Important Announcement for The TrueNAS Community.

How do I scan a Storage Pool with CLAMAV?

vitorsantoz

Cadet

Johnny Fartpants

Guru

[HOW TO] Install ClamAV on FreeNAS v11

vitorsantoz

Cadet

[HOW TO] Install ClamAV on FreeNAS v11

sretalla

Powered by Neutrality

15. Jails — FreeNAS®11.3-RELEASE User Guide Table of Contents

vitorsantoz

Cadet

15. Jails — FreeNAS®11.3-RELEASE User Guide Table of Contents

sretalla

Powered by Neutrality

GitHub - jaburt/FreeNAS-Server-ClamAV-Scan: A script to automate (via a cron job) the anti-virus scan of your FreeNAS/TreuNAS shares.

vitorsantoz

Cadet

GitHub - jaburt/FreeNAS-Server-ClamAV-Scan: A script to automate (via a cron job) the anti-virus scan of your FreeNAS/TreuNAS shares.

RLe

Cadet

sretalla

Powered by Neutrality

vitorsantoz

Cadet

anodos

Sambassador

D4R4

Cadet

anodos

Sambassador

sretalla

Powered by Neutrality

Similar threads

Important Announcement for The TrueNAS Community.