ClamAVのデーモン起動時用設定ファイル「clamd.conf」についてまとめます
clamd.conf とは?
ファイルフォーマット
clamd.conf はコメントと引数を伴ったオプションからなる。
各行の先頭が #
の行はコメントになる。
オプションと引数は大文字と小文字を区別する。
引数は以下のタイプからなる。
Type | Description |
---|---|
BOOL | Boolean。 ・true/false ・1/0 ・yes/no |
COMMAND | – |
NUMBER | 数値 |
REGEX | 正規表現 |
SIZE | サイズ。M, m, K, k を利用可能。これらを指定しないと単位はbyteになる |
STRING | ブランクを除く文字列 |
命令
各命令を指定しなかった場合、clamdはデフォルトの挙動をする。
DIRECTIVES | Type | Default |
---|---|---|
Example | — | — |
AlgorithmicDetection | BOOL | yes |
AllowAllMatchScan | BOOL | yes |
AllowSupplementaryGroups | BOOL | no |
ArchiveBlockEncrypted | BOOL | no |
Bytecode | BOOL | yes |
BytecodeMode | STRING | Auto |
BytecodeSecurity | STRING | TrustSigned |
BytecodeTimeout | NUMBER | 5000 |
BytecodeUnsigned | BOOL | no |
CommandReadTimeout | NUMBER | 5 |
CrossFilesystems | BOOL | yes |
DatabaseDirectory | STRING | defined at configuration (/usr/local/share/clamav) |
Debug | BOOL | no |
DetectBrokenExecutables | BOOL | no |
DetectPUA | BOOL | No |
DisableCertCheck | BOOL | no |
ExcludePath | REGEX | disabled |
ExcludePUA | CATEGORY | disabled |
ExitOnOOM | BOOL | no |
ExtendedDetectionInfo | BOOL | no |
FixStaleSocket | BOOL | yes |
FollowDirectorySymlinks | BOOL | no |
FollowFileSymlinks | BOOL | no |
ForceToDisk | – | no |
Foreground | BOOL | no |
HeuristicScanPrecedence | BOOL | no |
IdleTimeout | NUMBER | 30 |
IncludePUA | CATEGORY | disabled |
LeaveTemporaryFiles | BOOL | no |
LocalSocket | STRING | disabled |
LocalSocketGroup | STRING | the primary group of the user running clamd |
LocalSocketMode | STRING | socket is world readable and writable |
LogClean | BOOL | no |
LogFacility | STRING | LOG_LOCAL6 |
LogFile | STRING | disabled |
LogFileMaxSize | SIZE | 1048576 |
LogFileUnlock | BOOL | no |
LogRotate | BOOL | no |
LogSyslog | BOOL | no |
LogTime | BOOL | no |
LogVerbose | BOOL | no |
MaxConnectionQueueLength | NUMBER | 200 |
MaxDirectoryRecursion | NUMBER | 15 |
MaxEmbeddedPE | SIZE | 10M |
MaxFiles | NUMBER | 10000 |
MaxFileSize | SIZE | 25M |
MaxHTMLNormalize | SIZE | 10M |
MaxHTMLNoTags | SIZE | 2M |
MaxIconsPE | SIZE | 100 |
MaxPartitions | SIZE | 50 |
MaxQueue | NUMBER | 100 |
MaxRecHWP3 | NUMBER | 16 |
MaxRecursion | NUMBER | 16 |
MaxScanSize | SIZE | 100M |
MaxScriptNormalize | SIZE | 5M |
MaxThreads | NUMBER | 10 |
MaxZipTypeRcg | SIZE | 1M |
OfficialDatabaseOnly | BOOL | no |
OLE2BlockMacros | BOOL | no |
OnAccessDisableDDD | BOOL | no |
OnAccessExcludePath | STRING | disabled |
OnAccessExcludeUID | NUMBER | disabled |
OnAccessIncludePath | STRING | disabled |
OnAccessMaxFileSize | SIZE | 5M |
OnAccessMountPath | STRING | disabled |
OnAccessPrevention | BOOL | disabled |
PartitionIntersection | BOOL | no |
PCREMatchLimit | NUMBER | 10000 |
PCREMaxFileSize | SIZE | 25M |
PCRERecMatchLimit | NUMBER | 5000 |
PhishingAlwaysBlockCloak | BOOL | no |
PhishingAlwaysBlockSSLMismatch | BOOL | no |
PhishingScanURLs | BOOL | yes |
PhishingSignatures | BOOL | yes |
PidFile | STRING | disabled |
ReadTimeout | NUMBER | 120 |
ScanArchive | BOOL | yes |
ScanELF | BOOL | yes |
ScanHTML | BOOL | yes |
ScanHWP3 | BOOL | yes |
ScanMail | BOOL | yes |
ScanOLE2 | BOOL | yes |
ScanOnAccess | BOOL | disabled |
ScanPartialMessages | BOOL | no |
ScanPDF | BOOL | yes |
ScanPE | BOOL | yes |
ScanSWF | BOOL | yes |
ScanXMLDOCS | BOOL | yes |
SelfCheck | NUMBER | 600 |
SendBufTimeout | NUMBER | 500 |
StatsEnabled | BOOL | no |
StatsHostID | STRING | auto |
StatsPEDisabled | BOOL | no |
StatsTimeout | NUMBER | 10 |
StreamMaxLength | SIZE | 25M |
StreamMaxPort | NUMBER | 2048 |
StreamMinPort | NUMBER | 1024 |
StructuredDataDetection | BOOL | no |
StructuredMinCreditCardCount | NUMBER | 3 |
StructuredMinSSNCount | NUMBER | 3 |
StructuredSSNFormatNormal | BOOL | Yes |
StructuredSSNFormatStripped | BOOL | No |
TCPAddr | STRING | disabled |
TCPSocket | NUMBER | disabled |
TemporaryDirectory | STRING | system specific (usually /tmp or /var/tmp). |
User | STRING | disabled |
VirusEvent | COMMAND | disabled |