clamdproxy

command module
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 28, 2025 License: MIT Imports: 13 Imported by: 0

README

clamdproxy

Go Report Card GoDoc GitHub release

A Go proxy for clamd that filters out insecure commands.

Features

  • Proxies clamd protocol commands to a backend clamd server
  • Uses a whitelist approach - only allows safe commands: PING, INSTREAM, VERSION, VERSIONCOMMANDS
  • Blocks all other commands for enhanced security
  • Supports both null character and newline delimited commands
  • Handles special INSTREAM command properly
  • Performance optimized with buffer pools and efficient I/O
  • Configurable logging levels

Installation

Using Pre-built Binaries

The easiest way to get started is to download a pre-built binary from the GitHub Releases page:

  1. Navigate to the latest release
  2. Download the appropriate binary for your platform (Linux, macOS, Windows)
  3. Make the file executable (on Unix-based systems):
    chmod +x clamdproxy
    
  4. Move it to a directory in your PATH (optional):
    sudo mv clamdproxy /usr/local/bin/
    
Building from Source

If you prefer to build from source:

git clone https://github.com/yourusername/clamdproxy.git
cd clamdproxy
go build -o clamdproxy

Usage

Basic usage:

clamdproxy -listen 127.0.0.1:3310 -backend 127.0.0.1:3311
Options
  • --listen: Address to listen on (default: 127.0.0.1:3310)
  • --backend: Address of the backend clamd server (default: 127.0.0.1:3311)
  • --log-level: Logging level: debug, info, warn, error (default: warn)
  • --pprof: Address for pprof HTTP server (disabled if empty)

Protocol

The proxy supports the clamd protocol as described in the clamd documentation. It handles both null-terminated commands (prefixed with 'z') and newline-terminated commands (prefixed with 'n').

Performance

clamdproxy is designed to be lightweight and efficient:

  • Uses buffer pools to reduce memory allocations
  • Implements efficient I/O with buffered readers/writers
  • Minimal overhead for proxying commands and data

Documentation

Overview

Package main implements a proxy server for ClamAV's clamd daemon that filters unsafe commands and forwards safe ones to the backend.

Package main implements a proxy server for ClamAV's clamd daemon

Directories

Path Synopsis
Package main implements a test client for clamdproxy
Package main implements a test client for clamdproxy

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL