I followed your related page while intalling the perfect lamb server on ubuntu11.04 and ispconfig2. it works well but I 'd like to add mod_clamav into proftpd1.3 to integrate. to this I followed at "http://www.howtoforge.com/how-to-integrate-clamav-through-mod_clamav-into-proftpd-for-virus-scanning-on-ubuntu-10.04" it seems to work when i run # proftpd -vv I see mod_clamav - setting default address to 127.0.0.1 ProFTPD Version: 1.3.3d (maint) Scoreboard Version: 01040003 Built: Thu Oct 13 2011 17:54:10 EEST Loaded modules: mod_ifsession/1.0 mod_unique_id/0.1 mod_facl/0.4 mod_sftp_pam/0.1 mod_sftp/0.9.7 mod_site_misc/1.4 mod_ratio/3.3 mod_shaper/0.6.6 mod_exec/0.9.9 mod_vroot/0.8.5 mod_dynmasq/0.3 mod_wrap2_file/1.2 mod_wrap2/2.0.6 mod_ban/0.5.5 mod_load/1.0.1 mod_rewrite/0.8 mod_wrap/1.2.3 mod_quotatab_radius.c mod_quotatab_file.c mod_quotatab/1.3.0 mod_radius/0.9.1 mod_tls/2.4.2 mod_ctrls_admin/0.9.6 mod_lang/0.9 mod_ctrls/0.9.4 mod_cap/1.0 mod_clamav.c mod_auth_pam/1.1 mod_ident/1.0 mod_dso/0.5 mod_facts/0.1 mod_delay/0.6 mod_site.c mod_log.c mod_ls.c mod_auth.c mod_auth_file/0.8.3 mod_auth_unix.c mod_xfer.c mod_core.c But it doesn't work when I test via ftp. What can be the problem ?
clamd works. Already if I run clamdscan -i suspect.file it finds it. # netstat -l |grep clamd unix 2 [ ACC ] STREAM LISTENING 129945 /tmp/clamd Include /etc/proftpd/modules.conf # Set off to disable IPv6 support which is annoying on IPv4 only boxes. UseIPv6 on # If set on you can experience a longer connection delay in many cases. IdentLookups off DefaultRoot ~ ServerIdent on "FTP Server ready." ServerName "Debian" ServerType standalone DeferWelcome off MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayChdir .message true ListOptions "-l" DenyFilter \*.*/ # Use this to jail all users in their homes # DefaultRoot ~ # Users require a valid shell listed in /etc/shells to login. # Use this directive to release that constrain. # RequireValidShell off # Port 21 is the standard FTP port. Port 21 # In some cases you have to specify passive ports range to by-pass # firewall limitations. Ephemeral ports can be used for that, but # feel free to use a more narrow range. # PassivePorts 49152 65534 # If your host was NATted, this option is useful in order to # allow passive tranfers to work. You have to use your public # address and opening the passive ports used on your firewall as well. # MasqueradeAddress 1.2.3.4 # This is useful for masquerading address with dynamic IPs: # refresh any configured MasqueradeAddress directives every 8 hours <IfModule mod_dynmasq.c> # DynMasqRefresh 28800 </IfModule> # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. User proftpd Group nogroup # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords: # PersistentPasswd off # This is required to use both PAM-based authentication and local passwords # AuthOrder mod_auth_pam.c* mod_auth_unix.c # Be warned: use of this directive impacts CPU average load! # Uncomment this if you like to see progress and transfer rate with ftpwho # in downloads. That is not needed for uploads rates. # # UseSendFile off TransferLog /var/log/proftpd/xferlog SystemLog /var/log/proftpd/proftpd.log # In order to keep log file dates consistent after chroot, use timezone info # from /etc/localtime. If this is not set, and proftpd is configured to # chroot (e.g. DefaultRoot or <Anonymous>), it will use the non-daylight # savings timezone regardless of whether DST is in effect. #SetEnv TZ :/etc/localtime <IfModule mod_quotatab.c> QuotaEngine off </IfModule> <IfModule mod_ratio.c> Ratios off </IfModule> # Delay engine reduces impact of the so-called Timing Attack described in # http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 # It is on by default. <IfModule mod_delay.c> DelayEngine on </IfModule> <IfModule mod_ctrls.c> ControlsEngine off ControlsMaxClients 2 ControlsLog /var/log/proftpd/controls.log ControlsInterval 5 ControlsSocket /var/run/proftpd/proftpd.sock </IfModule> <IfModule mod_ctrls_admin.c> AdminControlsEngine off </IfModule> <IfModule mod_clamav.c> ClamAV on ClamServer 127.0.0.1 ClamPort 3310 </IfModule> # # Alternative authentication frameworks # #Include /etc/proftpd/ldap.conf #Include /etc/proftpd/sql.conf #Include /etc/proftpd/tls.conf # # Useful to keep VirtualHost/VirtualRoot directives separated # #Include /etc/proftpd/virtuals.con # A basic anonymous configuration, no upload directories. # <Anonymous ~ftp> # User ftp # Group nogroup # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # Cosmetic changes, all files belongs to ftp user # DirFakeUser on ftp # DirFakeGroup on ftp # # RequireValidShell off # # # Limit the maximum number of anonymous logins # MaxClients 10 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayChdir .message # # # Limit WRITE everywhere in the anonymous chroot # <Directory *> # <Limit WRITE> # DenyAll # </Limit> # </Directory> # # # Uncomment this if you're brave. # # <Directory incoming> # # # Umask 022 is a good standard umask to prevent new files and dirs # # # (second parm) from being group and world writable. # # Umask 022 022 # # <Limit READ WRITE> # # DenyAll # # </Limit> # # <Limit STOR> # # AllowAll # # </Limit> # # </Directory> # # </Anonymous> # Include other custom configuration files Include /etc/proftpd/conf.d/ Include /etc/proftpd_ispconfig.conf
Can you change Code: <IfModule mod_clamav.c> ClamAV on ClamServer 127.0.0.1 ClamPort 3310 </IfModule> to Code: ClamAV on ClamServer 127.0.0.1 ClamPort 3310 and restart ProFTPd? If the module isn't loaded, you should get an error that these directives are not known.
I changed the code; ClamAV on ClamServer 127.0.0.1 ClamPort 3310 I restarted proftpd without any error. proftpd works # /etc/init.d/proftpd restart * Stopping ftp server proftpd ...done. * Starting ftp server proftpd - setting default address to 127.0.0.1 ...done. root@aspx:/usr/src# proftpd -vv - setting default address to 127.0.0.1 ProFTPD Version: 1.3.4rc2 (devel) Scoreboard Version: 01040003 Built: Sun Oct 16 2011 22:12:31 EEST Loaded modules: mod_ifsession/1.1 mod_unique_id/0.2 mod_facl/0.4 mod_sftp_pam/0.2 mod_sftp/0.9.7 mod_site_misc/1.4 mod_ratio/3.3 mod_shaper/0.6.6 mod_exec/0.9.10 mod_dynmasq/0.4 mod_wrap2_file/1.2 mod_wrap2/2.0.6 mod_ban/0.6 mod_load/1.0.1 mod_rewrite/0.9 mod_wrap/1.2.3 mod_quotatab_radius.c mod_quotatab_file.c mod_quotatab/1.3.0 mod_radius/0.9.1 mod_tls/2.4.2 mod_ctrls_admin/0.9.7 mod_lang/0.9 mod_ctrls/0.9.4 mod_cap/1.1 mod_clamav.c mod_auth_pam/1.1 mod_ident/1.0 mod_dso/0.5 mod_facts/0.3 mod_delay/0.6 mod_site.c mod_log.c mod_ls.c mod_auth.c mod_auth_file/0.9 mod_auth_unix.c mod_xfer.c mod_core.c
Could the second proftpd daemon be run? How can I check it ? I wanna specify that I followed the installation intructions completely. Besides I reinstalled proftpd, clamav and mod_clamav .. the problem is still going on. Thanks
There is no such a daemon. But I think that, is there a second proftpd daemon which doesn't support mod_clamav on the server. Or can be there a proftpd which is built on ubuntu11 ? Or proftpd doesn't work with mod_clamav.
