{"id":20204216,"url":"https://github.com/openbridge/clamav","last_synced_at":"2025-04-10T12:08:53.552Z","repository":{"id":54127264,"uuid":"153690856","full_name":"openbridge/clamav","owner":"openbridge","description":"Docker based ClamAV® service provides an easy to deploy open source antivirus engine for detecting trojans, viruses, malware \u0026 other malicious threats.","archived":false,"fork":false,"pushed_at":"2021-07-15T17:16:18.000Z","size":330,"stargazers_count":45,"open_issues_count":2,"forks_count":13,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-03-24T10:56:31.440Z","etag":null,"topics":["anti-spam","antivirus","clamav","clamav-client","clamd","clamscan","docker","docker-clamav","docker-clamd"],"latest_commit_sha":null,"homepage":"https://www.openbridge.com/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openbridge.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-10-18T21:40:02.000Z","updated_at":"2025-02-27T13:12:08.000Z","dependencies_parsed_at":"2022-08-13T07:01:18.497Z","dependency_job_id":null,"html_url":"https://github.com/openbridge/clamav","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openbridge%2Fclamav","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openbridge%2Fclamav/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openbridge%2Fclamav/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openbridge%2Fclamav/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openbridge","download_url":"https://codeload.github.com/openbridge/clamav/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248217077,"owners_count":21066633,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anti-spam","antivirus","clamav","clamav-client","clamd","clamscan","docker","docker-clamav","docker-clamd"],"created_at":"2024-11-14T05:11:25.912Z","updated_at":"2025-04-10T12:08:53.535Z","avatar_url":"https://github.com/openbridge.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Docker ClamAV\n\nWe have paired Docker with ClamAV®. This delivers an easy to deploy open source (GPL) anti-virus engine that can be used in variety of situations including email scanning, web scanning, and end point security.\n\nThe service runs `clamd` within a lightweight Alpine Linux Docker image. This provides a portable, flexible and scalable multi-threaded daemon, a command line scanner, builds with the current virus databases and runs `freshclam` in the background.\n\n# Usage\nFirst, you can build the image or pull it:\n\n### Get the image\n```bash\ndocker build -t openbridge/clamav .\n```\nThe easier thing to do would be to pull it:\n```bash\ndocker pull openbridge/clamav\n```\n### Starting your container\nNext, to run the image you can use:\n```bash\ndocker run -d -p 3310:3310 openbridge/clamav\n```\n or via a simpler (recommended!) approach is to use the included Docker compose file:\n```bash\ndocker-compose up -d\n```\n\nThe benefit of compose is the use of a Docker volume to hold the clam database files which allows them to persist across builds and updates.\n\n```bash\nvolumes:\n clamd_data:\n driver: local\n```\n\n# Configuration\n\nThere are a few different configuration files. The principle is for `clamd` as it governs the core behavior of the service.\n\n## Clamd\n\n`clamd` is listening on exposed port 3310. We use a default configuration:\n\n```bash\nLogSyslog yes\nPidFile /var/run/clamd.pid\nLocalSocket /var/run/clamd.sock\nFixStaleSocket true\nLocalSocketGroup clamav\nLocalSocketMode 666\nTemporaryDirectory /tmp\nDatabaseDirectory /var/lib/clamav\nTCPSocket 3310\nTCPAddr {{PUBLICIPV4}}\nMaxConnectionQueueLength 200\nMaxThreads 10\nReadTimeout 400\nForeground true\nStreamMaxLength 100M\nHeuristicScanPrecedence yes\nStructuredDataDetection no\n#StructuredSSNFormatNormal yes\nScanPE yes\nScanELF yes\nDetectBrokenExecutables yes\nScanOLE2 yes\nScanPDF yes\nScanSWF yes\nScanMail yes\nPhishingSignatures yes\nPhishingScanURLs yes\nScanArchive yes\nArchiveBlockEncrypted no\nMaxScanSize 1000M\nMaxFileSize 1000M\nBytecode yes\nBytecodeSecurity TrustSigned\nBytecodeTimeout 240000\n```\n## Freshclam\nfreshclam is a virus database update tool for ClamAV. It is run as a background process via `cron`:\n\n```bash\nSHELL=/bin/bash\nPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\n59 3 * * * /usr/bin/env bash -c 'freshclam --quiet' 2\u003e\u00261\n```\n\nThe default configuration for `freshclam`:\n```bash\nLogSyslog yes\nDatabaseMirror database.clamav.net\nTestDatabases yes\nReceiveTimeout 60\nConnectTimeout 60\n```\nFreshclam may be triggered by `/etc/monitrc` as well. See \"Monitoring\" below.\n\n# Virus Tests\nA virus test check will run periodically via `/bin/bash -c '/tests/test_virus.sh'`. This is run to validate that clamd is able to scan for known virus signatures. If this test fails, then the container will restart.\n\nThe following are the test virus signature files in `/tests/virus/`:\n\n```bash\nclam-v2.rar\nlam-v3.rar\nclam.cab\nclam.exe\nclam.exe.bz2\nclam.zip\neicar.com\nmulti.zip\nprogram.doc\ntest.rar\ntest.txt\nПрограмма.doc\n```\n\n# Monitoring\nServices in the container are monitored via `monit`. Monit is orchestrating the automated monitoring for various health and upkeep operations. For example, here are a few operations it cares for:\n\n```bash\ncheck process clamd-process with pidfile /run/clamav/clamd.pid\n start program = \"/bin/bash -c '/usr/bin/clam start'\" with timeout 60 seconds\n stop program = \"/bin/bash -c '/usr/bin/clam stop'\"\n if cpu \u003e 90% for 8 cycles then restart\n if 5 restarts within 5 cycles then timeout\n\ncheck program clamd-scan-check with path \"/bin/bash -c '/tests/test_virus.sh'\"\n every 10 cycles\n start program = \"/bin/bash -c '/usr/bin/clam start'\" with timeout 60 seconds\n stop program = \"/bin/bash -c '/usr/bin/clam stop'\"\n if status != 0 for 2 cycles then stop\n\ncheck host clamd-server-port with address {{PUBLICIPV4}}\n start program = \"/bin/bash -c '/usr/bin/clam start'\" with timeout 60 seconds\n stop program = \"/bin/bash -c '/usr/bin/clam stop'\"\n if failed port 3310 for 3 cycles then restart\n\ncheck file clamd-db-main with path /var/lib/clamav/main.cvd\n if timestamp \u003e 80 hour then exec \"/usr/bin/freshclam --quiet\"\n\ncheck file clamd-db-daily with path /var/lib/clamav/daily.cvd\n if timestamp \u003e 80 hour then exec \"/usr/bin/freshclam --quiet\"\n\ncheck file clamd-db-bytecode with path /var/lib/clamav/bytecode.cvd\n if timestamp \u003e 80 hour then exec \"/usr/bin/freshclam --quiet\"\n```\n\n### Verify Status\nTo verify that everything is running as expected in the container you can use Monit status. The command will look something like this: `docker exec -it clamd monit status`. This will generate the Monit status view:\n\n```bash\nMonit 5.25.1 uptime: 0m\n\nProcess 'cron'\n status OK\n monitoring status Monitored\n monitoring mode active\n on reboot start\n pid 22\n parent pid 1\n uid 0\n effective uid 0\n gid 0\n uptime 0m\n threads 1\n children 0\n cpu 0.0%\n cpu total 0.0%\n memory 0.0% [40 kB]\n memory total 0.0% [40 kB]\n security attribute (null)\n disk write 0 B/s [4 kB total]\n data collected Fri, 19 Oct 2018 15:59:44\n\nProcess 'clamd-process'\n status OK\n monitoring status Monitored\n monitoring mode active\n on reboot start\n pid 1\n parent pid 0\n uid 0\n effective uid 0\n gid 0\n uptime 0m\n threads 3\n children 3\n cpu 0.0%\n cpu total 0.0%\n memory 6.8% [543.3 MB]\n memory total 6.8% [543.8 MB]\n security attribute (null)\n disk read 0 B/s [60 kB total]\n disk write 0 B/s [524 kB total]\n data collected Fri, 19 Oct 2018 15:59:44\n\nProgram 'clamd-scan-check'\n status OK\n monitoring status Waiting\n monitoring mode active\n on reboot start\n last exit value 0\n last output + set -o nounset\n + set -o pipefail\n + source /network\n ++ PUBLICIPV4=172.26.0.1\n ++ LOCALIPV4=172.26.0.1\n + echo 'X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*\n '\n + tee /tests/virus/eicar.com\n + for i in /tests/virus/*\n ++ clamdscan --stream /tests/virus/Eicar-Test-Signature.zip\n ++ grep -o FOUND\n + VIRUS_TEST=FOUND\n + '[' FOUND == FOUND ']'\n + echo 'SUCCESS: Clamd working and detecting our test file (/tests/virus/Eicar-Test-Signature.zip)'\n + for i in /tests/virus/*\n ++ clamdscan --stream /tests/virus/clam-v2.rar\n ++ grep -o FOUND\n + VIRUS_TEST=FOUND\n + '[' FOUND == FOUND ']'\n + echo 'SUCCESS: Clamd working and detecting our test file (/tests/virus/clam-v2.rar)'\n + for i in /tests/virus/*\n ++ clamdscan --stream /tests/virus/clam-v3.rar\n ++ grep -o FOU\n data collected Fri, 19 Oct 2018 15:59:44\n\nRemote Host 'clamd-server-port'\n status OK\n monitoring status Monitored\n monitoring mode active\n on reboot start\n port response time 0.246 ms to 172.26.0.1:3310 type TCP/IP protocol DEFAULT\n data collected Fri, 19 Oct 2018 15:59:44\n\nFile 'clamd-db-main'\n status OK\n monitoring status Monitored\n monitoring mode active\n on reboot start\n permission 644\n uid 100\n gid 101\n size 112.4 MB\n access timestamp Fri, 19 Oct 2018 15:59:13\n change timestamp Fri, 19 Oct 2018 15:59:08\n modify timestamp Wed, 07 Jun 2017 21:38:00\n data collected Fri, 19 Oct 2018 15:59:44\n\nFile 'clamd-db-daily'\n status OK\n monitoring status Monitored\n monitoring mode active\n on reboot start\n permission 644\n uid 100\n gid 101\n size 49.1 MB\n access timestamp Fri, 19 Oct 2018 15:59:08\n change timestamp Fri, 19 Oct 2018 15:59:08\n modify timestamp Fri, 19 Oct 2018 13:00:05\n data collected Fri, 19 Oct 2018 15:59:44\n\nFile 'clamd-db-bytecode'\n status OK\n monitoring status Monitored\n monitoring mode active\n on reboot start\n permission 644\n uid 100\n gid 101\n size 183.0 kB\n access timestamp Fri, 19 Oct 2018 15:59:22\n change timestamp Fri, 19 Oct 2018 15:59:08\n modify timestamp Thu, 09 Aug 2018 00:44:01\n data collected Fri, 19 Oct 2018 15:59:44\n\nSystem 'be92aa06e36c'\n status OK\n monitoring status Monitored\n monitoring mode active\n on reboot start\n load average [0.33] [0.21] [0.10]\n cpu 0.1%us 0.1%sy 0.1%wa\n memory usage 979.5 MB [12.3%]\n swap usage 0 B [0.0%]\n uptime 1d 3h 18m\n boot time Thu, 18 Oct 2018 12:41:14\n data collected Fri, 19 Oct 2018 15:59:44\n```\n\n# Versioning\nHere are the latest releases:\n\n| Docker Tag | Git Hub Release | Clamd Version | Alpine Version |\n|-----|-------|-----|--------|\n| latest | master | 0.103.1 | 3.13 |\n\n\n# TODO\n\n\n# Issues\n\nIf you have any problems with or questions about this image, please contact us through a GitHub issue.\n\n# Contributing\n\nYou are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.\n\nBefore you start to code, we recommend discussing your plans through a GitHub issue, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.\n\n# MIT License\n\nCopyright (c) 2018 tspicer\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenbridge%2Fclamav","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenbridge%2Fclamav","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenbridge%2Fclamav/lists"}