Public Repository

Last pushed: 10 months ago
Short Description
ClamAV (clamd) virus scanner configurable via environment variables
Full Description

ClamAV virus scanner

The purpose of this project is to provide an image that runs a full configurable ClamAV virusscanner

Running clamav

docker run -d -p 3310:3310 --name clamav tender/clamav

Notes on the run command

Many clamd settings can defined at startup (docker run ....) with environmental parameter (-e)

Example:
docker run -d -p 3310:3310 -e LogClean=yes --name clamav tender/clamav

List of possible environment settings:

  • ENV TCPSocket 3310
  • ENV LogSyslog no
  • ENV LogVerbose no
  • ENV LogClean no
  • ENV LogRotate yes
  • ENV LogFileMaxSize 100M
  • ENV DisableCache no
  • ENV MaxConnectionQueueLength 200
  • ENV MaxQueue 200
  • ENV MaxThreads 20
  • ENV StreamMaxLength 1100M
  • ENV MaxScanSize 2000M
  • ENV MaxFileSize 1000M
  • ENV MaxRecursion 10
  • ENV MaxFiles 15000
  • ENV MaxEmbeddedPE 50M
  • ENV MaxHTMLNormalize 40M
  • ENV MaxHTMLNoTags 20M
  • ENV MaxScriptNormalize 50M

Descripton of environment settings (extract from clamav.conf file)

#TCPSocket 3310
TCP port address.
Default: no

#MaxConnectionQueueLength 200
Maximum length the queue of pending connections may grow to.
Default: 200

#StreamMaxLength 10M
Close the connection when the data size limit is exceeded.
The value should match your MTA's limit for a maximum attachment size.
Default: 25M

#MaxThreads 20
Maximum number of threads running at the same time.
Default: 10

#MaxScanSize 150M
This option sets the maximum amount of data to be scanned for each input file.
Archives and other containers are recursively extracted and scanned up to this
value.
Value of 0 disables the limit
Note: disabling this limit or setting it too high may result in severe damage
to the system.
Default: 100M

#MaxFileSize 30M
Files larger than this limit won't be scanned. Affects the input file itself
as well as files contained inside it (when the input file is an archive, a
document or some other kind of container).
Value of 0 disables the limit.
Note: disabling this limit or setting it too high may result in severe damage
to the system.
Default: 25M

#MaxRecursion 10
Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
file, all files within it will also be scanned. This options specifies how
deeply the process should be continued.
Note: setting this limit too high may result in severe damage to the system.
Default: 16

#MaxFiles 15000
Number of files to be scanned within an archive, a document, or any other
container file.
Value of 0 disables the limit.
Note: disabling this limit or setting it too high may result in severe damage
to the system.
Default: 10000

#MaxEmbeddedPE 10M
Maximum size of a file to check for embedded PE. Files larger than this value
will skip the additional analysis step.
Note: disabling this limit or setting it too high may result in severe damage
to the system.
Default: 10M

#MaxHTMLNormalize 10M
Maximum size of a HTML file to normalize. HTML files larger than this value
will not be normalized or scanned.
Note: disabling this limit or setting it too high may result in severe damage
to the system.
Default: 10M

#MaxHTMLNoTags 2M
Maximum size of a normalized HTML file to scan. HTML files larger than this
value after normalization will not be scanned.
Note: disabling this limit or setting it too high may result in severe damage
to the system.
Default: 2M

#MaxScriptNormalize 5M
Maximum size of a script file to normalize. Script content larger than this
value will not be normalized or scanned.
Note: disabling this limit or setting it too high may result in severe damage
to the system.
Default: 5M

Docker Pull Command
Owner
tender

Comments (0)