NodeJS Clamscan Virus Scanning Utility
Use Node JS to scan files on your server with ClamAV's clamscan binary or clamdscan daemon. This is especially useful for scanning uploaded files provided by un-trusted sources.
Dependencies
You will need to install ClamAV's clamscan binary and/or have clamdscan daemon running on your server. On linux, it's quite simple.
Fedora-based distros:
sudo yum install clamav
Debian-based distros:
sudo apt-get install clamav
As for OSX, I've not tried it, but, here's a promising looking site: http://www.clamxav.com/index.php . I would stick with linux varieties, though...
This module is not intended to work on a Windows server. This would be a welcome addition if someone wants to add that feature (I may get around to it one day but have no urgent need for this).
How to Install
npm install clamscan
Licence info
Licensed under the MIT License:
Getting Started
All of the values listed in the example below represent the default values for their respective configuration item.
You can simply do this:
var clam = require('clamscan')();
And, you'll be good to go.
BUT: If you want more control, you can specify all sorts of options.
var clam = require('clamscan')({
remove_infected: false,
quarantine_infected: false,
scan_log: null,
debug_mode: false
file_list: null,
scan_recursively: true,
clamscan: {
path: '/usr/bin/clamscan',
db: null,
scan_archives: true,
active: true
},
clamdscan: {
path: '/usr/bin/clamdscan',
config_file: '/etc/clamd.conf',
multiscan: true,
reload_db: false,
active: true
},
preference: 'clamdscan'
});
Here is a non-default values example (to help you get an idea of what the proper-looking values should be):
var clam = require('clamscan')({
remove_infected: true,
quarantine_infected: '~/infected/',
scan_recursively: true,
scan_log: '/var/log/node-clam',
debug_mode: true
file_list: '/home/webuser/scan_files.txt',
clamscan: {
path: '/usr/bin/clam',
db: '/usr/bin/better_clam_db',
scan_archives: false,
active: false
},
clamdscan: {
path: '/bin/clamdscan',
config_file: __dirname + '/logs/clamscan-log',
multiscan: false,
reload_db: true,
active: false
},
preference: 'clamscan'
});
API
.is_infected(file_path, callback)
This method allows you to scan a single file.
Parameters:
file_path
(string) Represents a path to the file to be scanned.callback
(function) (optional) Will be called when the scan is complete. It takes 3 parameters:
err
(object or null) A standard javascript Error object (null if no error)file
(string) The original file_path
passed into the is_infected
method.is_infected
(boolean) True: File is infected; False: File is clean.
Example:
clam.is_infected('/a/picture/for_example.jpg', function(err, file, is_infected) {
if(err) {
console.log(err);
return false;
}
if(is_infected) {
res.send({msg: "File is infected!"});
} else {
res.send({msg: "File is clean!"});
}
});
.scan_dir(dir_path, end_callback, file_callback)
Allows you to scan an entire directory for infected files. This obeys your recursive
option even for clamdscan
which does not have a native way to turn this feature off. If you have multiple paths, send them in an array to scan_files
.
TL;DR: For maximum speed, don't supply a file_callback
.
If you choose to supply a file_callback
, the scan will run a little bit slower (depending on number of files to be scanned) for clamdscan
. If you are using clamscan
, while it will work, I'd highly advise you to NOT pass a file_callback
... it will run incredibly slow.
NOTE:
The good_files
and bad_files
parameters of the end_callback
callback in this method will only contain the directories that were scanned in all but the following scenarios:
- A
file_callback
callback is provided, and scan_recursively
is set to true. - The scanner is set to
clamdscan
and scan_recursively
is set to false.
Parameters
dir_path
(string) Full path to the directory to scan.end_callback
(function) Will be called when the entire directory has been completely scanned. This callback takes 3 parameters:
err
(object) A standard javascript Error object (null if no error)good_files
(array) List of the full paths to all files that are clean.bad_files
(array) List of the full paths to all files that are infected.
file_callback
(function) Will be called after each file in the directory has been scanned. This is useful for keeping track of the progress of the scan. This callback takes 3 parameters:
err
(object or null) A standard Javascript Error object (null if no error)file
(string) Path to the file that just got scanned.is_infected
(boolean) True: File is infected; False: File is clean.
Example
clam.scan_dir('/some/path/to/scan', function(err, good_files, bad_files) {
if(!err) {
if(bad_files.length > 0) {
res.send({msg: "Your directory was infected. The offending files have been quarantined."});
} else {
res.send({msg: "Everything looks good! No problems here!."});
}
} else {
}
});
.scan_files(files, end_callback, file_callback)
This allows you to scan many files that might be in different directories or maybe only certain files of a single directory. This is essentially a wrapper for is_infected
that simplifies the process of scanning many files or directories.
Parameters
files
(array) A list of strings representing full paths to files you want scanned.end_callback
(function) Will be called when the entire directory has been completely scanned. This callback takes 3 parameters:
err
(object) A standard javascript Error object (null if no error)good_files
(array) List of the full paths to all files that are clean.bad_files
(array) List of the full paths to all files that are infected.
file_callback
(function) Will be called after each file in the directory has been scanned. This is useful for keeping track of the progress of the scan. This callback takes 3 parameters:
err
(object or null)A standard javascript Error object (null if no error)file
(string) Path to the file that just got scanned.is_infected
(boolean) True: File is infected; False: File is clean.
Example
var scan_status = {
good: 0,
bad: 0
};
var files = [
'/path/to/file/1.jpg',
'/path/to/file/2.mov',
'/path/to/file/3.rb'
];
clam.scan_files(files, function(err, good_files, bad_files) {
if(!err) {
if(bad_files.length > 0) {
res.send({
msg: good_files.length + ' files were OK. ' + bad_files.length + ' were infected!',
bad: bad_files,
good: good_files
});
} else {
res.send({msg: "Everything looks good! No problems here!."});
}
} else {
}
}, function(err, file, is_infected) {
if(is_infected) {
scan_status.bad++;
} else {
scan_status.good++;
}
console.log("Scan Status: " + (scan_status.bad + scan_status.good) + "/" + files.length);
});
Scanning files listed in file list
If this modules is configured with a valid path to a file containing a newline-delimited list of files, it will use the list in that file when scanning if the first paramter passed is falsy.
Files List:
/some/path/to/file.zip
/some/other/path/to/file.exe
/one/more/file/to/scan.rb
Script:
var clam = require('clamscan')({
file_list: '/path/to/file_list.txt'
});
clam.scan_files(null, function(err, good_files, bad_files) {
});
Changing Configuration After Instantiation
You can set settings directly on an instance of this module using the following syntax:
var clam = require('clamscan')({ });
clam.settings.quarantine_infected = true;
clam.is_infected('/some/file.txt');
clam.settings.quarantine_infected = false;
clam.is_infected('/some/file.txt');
Just keep in mind that some of the nice validation that happens on instantiation won't happen if it's done this way. Of course, you could also just create a new instance with different a different initial configuration.
Contribute
Got a missing feature you'd like to use? Found a bug? Go ahead and fork this repo, build the feature and issue a pull request.