security/clamav: add custom signatures (#1337)

2026-05-22 18:44:07 -07:00 · 2019-05-20 10:46:22 +02:00
parent 8efeec8102
commit d5e94c7239
10 changed files with 205 additions and 5 deletions
@@ -1,6 +1,5 @@
 PLUGIN_NAME=		clamav
-PLUGIN_VERSION=		1.6
-PLUGIN_REVISION=        2
+PLUGIN_VERSION=		1.7
 PLUGIN_COMMENT=		Antivirus engine for detecting malicious threats
 PLUGIN_DEPENDS=		clamav
 PLUGIN_MAINTAINER=	m.muenz@gmail.com
@@ -9,6 +9,11 @@ database updates.
 Plugin Changelog
 ================

+1.7
+
+* Allow addition of external signatures
+* Fix label for JURLBLA signature
+
 1.6

 * Add optional signature sources
@@ -0,0 +1,64 @@
+<?php
+/**
+ *    Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\ClamAV\Api;
+
+use \OPNsense\Base\ApiMutableModelControllerBase;
+
+class UrlController extends ApiMutableModelControllerBase
+{
+    protected static $internalModelName = 'list';
+    protected static $internalModelClass = '\OPNsense\ClamAV\Url';
+
+    public function searchUrlAction()
+    {
+        return $this->searchBase('lists.list', array("enabled", "name", "link"));
+    }
+    public function getUrlAction($uuid = null)
+    {
+        $this->sessionClose();
+        return $this->getBase('list', 'lists.list', $uuid);
+    }
+    public function addUrlAction()
+    {
+        return $this->addBase('list', 'lists.list');
+    }
+    public function delUrlAction($uuid)
+    {
+        return $this->delBase('lists.list', $uuid);
+    }
+    public function setUrlAction($uuid)
+    {
+        return $this->setBase('list', 'lists.list', $uuid);
+    }
+    public function toggleUrlAction($uuid)
+    {
+        return $this->toggleBase('lists.list', $uuid);
+    }
+}
@@ -1,7 +1,7 @@
 <?php

 /*
-    Copyright (C) 2017 Michael Muenz <m.muenz@gmail.com>
+    Copyright (C) 2017-2019 Michael Muenz <m.muenz@gmail.com>
    All rights reserved.

    Redistribution and use in source and binary forms, with or without
@@ -33,6 +33,7 @@ class GeneralController extends \OPNsense\Base\IndexController
    public function indexAction()
    {
        $this->view->generalForm = $this->getForm("general");
+        $this->view->formDialogEditClamavUrl = $this->getForm("dialogEditClamavUrl");
        $this->view->versionForm = $this->getForm("version");
        $this->view->pick('OPNsense/ClamAV/general');
    }
@@ -0,0 +1,20 @@
+<form>
+    <field>
+        <id>list.enabled</id>
+        <label>Enabled</label>
+        <type>checkbox</type>
+        <help>This will enable or disable the list.</help>
+    </field>
+    <field>
+        <id>list.name</id>
+        <label>Name</label>
+        <type>text</type>
+        <help>Set the name for this signatures.</help>
+    </field>
+    <field>
+        <id>list.link</id>
+        <label>URL</label>
+        <type>text</type>
+        <help>URL of the signature database.</help>
+    </field>
+</form>
@@ -191,7 +191,7 @@
    </field>
    <field>
        <id>general.fc_jurlbla</id>
-        <label>Add BLURL Signatures</label>
+        <label>Add JURLBLA Signatures</label>
        <type>checkbox</type>
        <help>Activate third party signatures from Sanesecurtiy JURLBLA. Use at your own risk.</help>
    </field>
@@ -0,0 +1,31 @@
+<?php
+
+/*
+    Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+    All rights reserved.
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+*/
+
+namespace OPNsense\ClamAV;
+
+use OPNsense\Base\BaseModel;
+
+class Url extends BaseModel
+{
+}
@@ -0,0 +1,23 @@
+<model>
+    <mount>//OPNsense/clamav/url</mount>
+    <description>ClamAV List configuration</description>
+    <version>0.0.1</version>
+    <items>
+        <lists>
+            <list type="ArrayField">
+                <enabled type="BooleanField">
+                    <default>1</default>
+                    <Required>Y</Required>
+                </enabled>
+                <name type="TextField">
+                    <Required>Y</Required>
+                </name>
+                <link type="TextField">
+                    <Required>Y</Required>
+                    <mask>/^https?:\/\/.*$/i</mask>
+                    <ValidationMessage>URL has to start with http:// or https://</ValidationMessage>
+                </link>
+            </list>
+        </lists>
+    </items>
+</model>
@@ -1,7 +1,7 @@
 {#

 OPNsense® is Copyright © 2014 – 2017 by Deciso B.V.
-This file is Copyright © 2017 by Michael Muenz <m.muenz@gmail.com>
+This file is Copyright © 2017 – 2019 by Michael Muenz <m.muenz@gmail.com>
 All rights reserved.

 Redistribution and use in source and binary forms, with or without modification,
@@ -34,6 +34,7 @@ POSSIBILITY OF SUCH DAMAGE.

 <ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
    <li class="active"><a data-toggle="tab" href="#general">{{ lang._('General') }}</a></li>
+    <li><a data-toggle="tab" href="#lists">{{ lang._('Signatures') }}</a></li>
    <li><a data-toggle="tab" href="#versions">{{ lang._('Versions') }}</a></li>
 </ul>

@@ -52,8 +53,38 @@ POSSIBILITY OF SUCH DAMAGE.
            {{ partial("layout_partials/base_form",['fields':versionForm,'id':'frm_version'])}}
        </div>
    </div>
+    <div id="lists" class="tab-pane fade in">
+        <table id="grid-lists" class="table table-responsive" data-editDialog="dialogEditClamavUrl">
+            <thead>
+                <tr>
+                    <th data-column-id="enabled" data-type="string" data-formatter="rowtoggle">{{ lang._('Enabled') }}</th>
+                    <th data-column-id="name" data-type="string" data-visible="true">{{ lang._('Name') }}</th>
+                    <th data-column-id="link" data-type="string" data-visible="true">{{ lang._('URL') }}</th>
+                    <th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th>
+                    <th data-column-id="commands" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th>
+                </tr>
+            </thead>
+            <tbody>
+            </tbody>
+            <tfoot>
+                <tr>
+                    <td colspan="5"></td>
+                    <td>
+                        <button data-action="add" type="button" class="btn btn-xs btn-default"><span class="fa fa-plus"></span></button>
+                    </td>
+                </tr>
+            </tfoot>
+        </table>
+        <div class="col-md-12">
+            <hr />
+            <button class="btn btn-primary"  id="saveAct_url" type="button"><b>{{ lang._('Save') }}</b><i id="saveAct_url_progress"></i></button>
+            <br /><br />
+        </div>
+    </div>
 </div>

+{{ partial("layout_partials/base_dialog",['fields':formDialogEditClamavUrl,'id':'dialogEditClamavUrl','label':lang._('Edit Signature URLs')])}}
+
 <script>
 function timeoutCheck() {
    ajaxCall(url="/api/clamav/service/freshclam", sendData={}, callback=function(data,status) {
@@ -80,6 +111,16 @@ $( document ).ready(function() {
        $('.selectpicker').selectpicker('refresh');
    });

+    $("#grid-lists").UIBootgrid(
+        {   'search':'/api/clamav/url/searchUrl',
+            'get':'/api/clamav/url/getUrl/',
+            'set':'/api/clamav/url/setUrl/',
+            'add':'/api/clamav/url/addUrl/',
+            'del':'/api/clamav/url/delUrl/',
+            'toggle':'/api/clamav/url/toggleUrl/'
+        }
+    );
+
    ajaxCall(url="/api/clamav/service/status", sendData={}, callback=function(data,status) {
        updateServiceStatusUI(data['status']);
    });
@@ -107,6 +148,15 @@ $( document ).ready(function() {
        });
    });

+    $("#saveAct_url").click(function(){
+        saveFormToEndpoint(url="/api/clamav/url/set", formid='frm_general_settings',callback_ok=function(){
+        $("#saveAct_url_progress").addClass("fa fa-spinner fa-pulse");
+            ajaxCall(url="/api/clamav/service/reconfigure", sendData={}, callback=function(data,status) {
+                $("#saveAct_url_progress").removeClass("fa fa-spinner fa-pulse");
+            });
+        });
+    });
+
    $("#dl_sig").click(function(){
        $("#dl_sig_progress").addClass("fa fa-spinner fa-pulse");
        $("#dl_sig").prop("disabled", true);
@@ -30,6 +30,13 @@ DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_attach.hd
 DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_URL.ndb
 DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_cracked_URL.ndb
 {% endif %}
+{% if helpers.exists('OPNsense.clamav.url.lists.list') %}
+{%   for sig_list in helpers.toList('OPNsense.clamav.url.lists.list') %}
+{%     if sig_list.enabled == '1' %}
+DatabaseCustomURL {{ sig_list.link }}
+{%     endif %}
+{%   endfor %}
+{% endif %}
 NotifyClamd /usr/local/etc/clamd.conf
 {% if helpers.exists('OPNsense.clamav.general.fc_databasemirror') and OPNsense.clamav.general.fc_databasemirror != '' %}
 DatabaseMirror {{ OPNsense.clamav.general.fc_databasemirror }}