view release on metacpan or  search on metacpan

README  view on Meta::CPAN

If you want to add for example a contact email address in the "infected"
return page, add this line in the wrapper.

Write a new wrapper for an unsupported av tool
----------------------------------------------
Don't write a new wrapper, take one of the existing wrappers and put in your
av tool command. ;-)

There are basically two kinds of wrappers:
The wrapper for clamav, sophos and mcafee call the av command via perl 
open call and read stdout of the av command and decide on the return code 
if the file was infected, suspicious or clean.
The RAV wrapper is built with expect, because RAV tries a TCGETS ioctl and
segfaults if no pty is present, but decisions are made on the same codes.
In general the open version should be enough.

The wrapper is called with one parameter: a temporary filename, where
the download was saved.

The result of the scan should be reported back to Apache::ProxyScan via
return codes.

README  view on Meta::CPAN

The Power of Apache::ProxyScan
------------------------------
I started to write Apache::ProxyScan because we needed a virus scanning 
proxy on Linux for zSeries. 
The solutions provided for the integration of commercial av scanners into
open source proxy servers were rather ugly.
SQUID+SQIRM+ApacheCGI+WGET is the worst I can remember. Other projects 
provided patches for old and outdated squid caches and/or need a daemon
to scan the files.
I decided for a solution in mod_perl and Apache at the point I found 
the ProxyPass Example in "Writing Apache Mopdules with Perl and C" from O'Reily and the easy way to move the request and response headers between Apache and 
LWP::UserAgent.

Timeouts
--------
*fix this for ProxyScanPredeliverSize*
OK, and here the special sections about timeouts:
Users are used to get a growing download bar when the start a download.
We don't deliver a byte of the downloaded file until we know if it is clean
or not. If we deliver the beginning of the file and then need to report