掲示板お問い合わせランダムジャンプ

トップスペース
rss-reader.png taRgrey  削除ガイドライン  おしらせ  SPAM対策  専属DJのブログ  BOF  SPAM対策別館

2015年02月17日
FreeBSD 9.x amd64 で AVG Server Edition for FreeBSD 設定
FreeBSD 9.x amd64 で稼働しているメールゲートウェイに、
AVG Server Edition for FreeBSDを追加したところ、amavisdと
連動するavgtcpdが起動しないのでlib32関連で必要なライブラリに
シンボリックリンクを張るなどして何とか起動できたので覚え書き。

■ダウンロード
http://free.avg.com/ww-en/download-free-all-product

System requirements
-------------------

AVG Anti-Virus for Linux/FreeBSD requires system with following or
newer library:
- libc.so.6 (Linux)
- libc.so.7 (FreeBSD RELEASE-7.3)
For RELEASE-8 and CURRENT the compat7x port located in /usr/ports/misc is
needed.
- libiconv.so.3 (FreeBSD)
- for amd64 architecture the lib32 compat libraries are needed

--------------------------------------------------------------
との事なので、compat7x とか compat8x とかをインストール。

avg2013ffb-r3115-a6155.i386.tar.gz を解凍して install.sh 実行。
--------------------------------------------------------------

# ./install.sh

Do you agree with the license? (yes/no): yes

Operating system is FreeBSD or its fork PC-BSD, DesktopBSD, ... (amd64) (Y/n): Y
Under which user should AVG Anti-Virus run [root]:
What group should be used for AVG Anti-Virus [bin]:
Creating destination directories...
Installing files...
Creating symlinks...
Installing 'avgd' service initscripts...
Generating uninstall script...
Processing command line ...
Cfg file not specified using /opt/avg/av/cfg/diagcfg.xml.
New installation ID succesffully generated.

AVG Anti-Virus for Linux/FreeBSD successfully installed.

Would you like to display README now? (Y/n): n
Would you like to run AVG setup script now? (Y/n): Y
Checking file avgctl...
Checking file avgcfgctl...

AVG command line setup
Copyright (c) 2013 AVG Technologies CZ

Your location: Start

Welcome to the AVG for Linux/FreeBSD Deployment Wizard.
The Wizard will help you deploy AVG according to your needs.

Please choose what you want to do now:

M) Set up the TCPD protection for E-mail Server
O) Set up On-Access for Real-time protection
E) Exit

Type [M|O|E]: M



AVG command line setup
Copyright (c) 2013 AVG Technologies CZ

Your location: Start -> E-Mail Deployment

Deploying TCPD for E-mail protection

Please select the E-Mail server you want to secure:

D) Auto detection
P) Postfix
S) Sendmail
Q) Qmail
A) Amavisd interface
B) Go to back
E) Exit

Type [D|P|S|Q|A|B|E]: A



AVG command line setup
Copyright (c) 2013 AVG Technologies CZ

Your location: Start -> E-Mail Deployment -> Amavisd-new configuration

AVG for AVG ptotocol configuration - amavisd

Please enter the number of the port for AVG Server configuration (to use the default value 54322, press 'Enter'):
Do you want to enable AVG certification in e-mail body? (y/N): N
Do you want to enable AVG certification in e-mail headers: scan? (Y/n): Y
Do you want to enable AVG certification in e-mail headers: spam? (Y/n): n

Please select a configuration mode:

A) Auto - try to set up the system automatically.
M) Manual - enter the path to a configuration file manually.
B) Go to back
E) Exit
Please type [A|M|B|E]: A
File /usr/local/etc/amavisd.conf is detected

Configuration for /usr/local/etc/amavisd.conf is ready.
Backup of the /usr/local/etc/amavisd.conf file has been created: /usr/local/etc/amavisd.conf_avgbackup.
Do you want to apply the configuration now?
Please type Yes or No: yes
Success
It is necessary to restart the service amavisd. Do you wish to restart the service? (Y/n): n
Service AVG is restarted...


AVG command line setup
Copyright (c) 2013 AVG Technologies CZ

Your location: Exit: Success!

Congratulations, AVG pro Linux/FreeBSD has been deployed successfully.
If you experience problems with AVG, please refer to /opt/avg/av/log/0//deployment.pub.log or contact the technical support.

Please choose what you want to do now:

N) Continue deploying AVG for another kind of protection.
E) Terminate the deployment.

Type [N,E]: E

AVG command line setup
Copyright (c) 2013 AVG Technologies CZ

Your location: Exit

The deployment process has been finished; if needed, please re-launch the 'avgsetup' utility.
Thank you for using AVG for Linux/FreeBSD

Starting AVG AV
Starting avgd (already running with pid: 13799) OK.

--------------------------------------------------------------
起動したデーモンを確認したが、avgtcpd が起動していない。
--------------------------------------------------------------

# ps ax |grep avg
13799 0 S 0:00.76 /opt/avg/av/bin//avgd
13812 0 I 0:00.67 /opt/avg/av/bin/avgavid
13941 0 I 0:00.03 /opt/avg/av/bin/avgsched

--------------------------------------------------------------
ライブラリの認識を確認したところ、いくつか not found に…
--------------------------------------------------------------

# ldd /opt/avg/av/bin/avgtcpd
/opt/avg/av/bin/avgtcpd:
libthr.so.3 => /usr/lib32/libthr.so.3 (0x28125000)
libavgcomm.so => not found (0)
libavgsys.so => not found (0)
libiconv.so.3 => not found (0)
libstdc++.so.6 => /usr/lib32/libstdc++.so.6 (0x28145000)
libm.so.5 => /usr/lib32/libm.so.5 (0x28239000)
libgcc_s.so.1 => /usr/lib32/libgcc_s.so.1 (0x28253000)
libc.so.7 => /usr/lib32/libc.so.7 (0x2825e000)

--------------------------------------------------------------
インストールされた /opt/avg/av/lib/ からシンボリックリンク。
--------------------------------------------------------------

# cd /usr/lib32
# ln -s /opt/avg/av/lib/libavgcomm.so ./libavgcomm.so
# ln -s /opt/avg/av/lib/libavgsys.so ./libavgsys.so

# ldd /opt/avg/av/bin/avgtcpd
/opt/avg/av/bin/avgtcpd:
libthr.so.3 => /usr/lib32/libthr.so.3 (0x28125000)
libavgcomm.so => /usr/lib32/libavgcomm.so (0x28145000)
libavgsys.so => /usr/lib32/libavgsys.so (0x281de000)
libiconv.so.3 => not found (0)
libstdc++.so.6 => /usr/lib32/libstdc++.so.6 (0x2823c000)
libm.so.5 => /usr/lib32/libm.so.5 (0x28330000)
libgcc_s.so.1 => /usr/lib32/libgcc_s.so.1 (0x2834a000)
libc.so.7 => /usr/lib32/libc.so.7 (0x28355000)

--------------------------------------------------------------
libiconv.so.3 は、32bit版のFreeBSDから持ってきて解決したとの
情報を見つけたので、FreeBSD 9.x i386環境のファイルをコピー
--------------------------------------------------------------

# cp ~hoge/libiconv.so.3 ./

# ldd /opt/avg/av/bin/avgtcpd
/opt/avg/av/bin/avgtcpd:
libthr.so.3 => /usr/lib32/libthr.so.3 (0x28125000)
libavgcomm.so => /usr/lib32/libavgcomm.so (0x28145000)
libavgsys.so => /usr/lib32/libavgsys.so (0x281de000)
libiconv.so.3 => /usr/lib32/libiconv.so.3 (0x2823c000)
libstdc++.so.6 => /usr/lib32/libstdc++.so.6 (0x28332000)
libm.so.5 => /usr/lib32/libm.so.5 (0x28426000)
libgcc_s.so.1 => /usr/lib32/libgcc_s.so.1 (0x28440000)
libc.so.7 => /usr/lib32/libc.so.7 (0x2844b000)

--------------------------------------------------------------
起動!
--------------------------------------------------------------

# /usr/local/etc/rc.d/avgd.sh start
Starting avgd (recovering) OK.

# ps ax|grep avg
26092 0 I 0:04.25 /opt/avg/av/bin//avgd
26120 0 I 0:00.03 /opt/avg/av/bin/avgavid
26121 0 S 0:00.10 /opt/avg/av/bin/avgtcpd
26122 0 S 0:07.34 /opt/avg/av/bin/avgscand -c 3
26149 0 I 0:05.72 /opt/avg/av/bin/avgsched


# netstat -an|grep 54322
tcp4 0 0 127.0.0.1.54322 *.* LISTEN

--------------------------------------------------------------
起動出来たので、amavisd.conf のAVG用の設定を有効化。
--------------------------------------------------------------

# vi /usr/local/etc/amavisd.conf

@av_scanners = (

# AVG AV settings
['AVG Anti-Virus',
\&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
qr/^200 [oO][kK]/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ],

--------------------------------------------------------------
amavisdを再起動
--------------------------------------------------------------

# /usr/local/etc/rc.d/amavisd restart

--------------------------------------------------------------
amavisのログに AV-scan-2: の項目が増えているので、
正常に連携出来ている模様。
--------------------------------------------------------------

▼AVG追加前のmaillogのamavisのログ
AV-scan-1: 8 (5%)86,

▼AVG追加後のmaillogのamavisのログ
AV-scan-1: 5 (3%)83, AV-scan-2: 5 (3%)86,

[ 投稿者:Cookie at 16:38 | サーバ設定 | コメント(5) | トラックバック(0) ]

この記事へのコメント
avgupdate 使えない…
# /opt/avg/av/bin/avgupdate -p 2
/usr/lib32/libdialog.so: version VERS_1 required by /opt/avg/av/bin/avgupdate not defined

投稿者: Cookie at 2015-02-17 17:46:54
アップデートは出来ているっぽい
# tail upd.pub.rollog
[AVG.UPD.PUB] INFO 2015-02-17 09:40:00,531 xxxxxxxxxxxxxxx PID:63943 THID:679494400 ID:AVG.LINUX.AVGUPD.COMPONENT:235.3109.BADF00D.0 MSG:Update initialization started.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:00,532 xxxxxxxxxxxxxxx PID:63943 THID:679494400 ID:AVG.LINUX.AVGCOMPONENT:287.3109.BADF00D.0 MSG:Component Update starting.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:00,532 xxxxxxxxxxxxxxx PID:63943 THID:679494400 ID:AVG.LINUX.AVGCOMPONENT:288.3109.BADF00D.0 MSG:Version: 13.0.3109
[AVG.UPD.PUB] INFO 2015-02-17 09:40:00,537 xxxxxxxxxxxxxxx PID:63943 THID:679494400 ID:AVG.LINUX.AVGCOMPONENT:663.3109.BADF00D.0 MSG:Persistent statistics not implemented.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:00,539 xxxxxxxxxxxxxxx PID:63943 THID:679494400 ID:AVG.LINUX.AVGUPD.COMPONENT:288.3109.BADF00D.0 MSG:Update initialized.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:04,747 xxxxxxxxxxxxxxx PID:63943 THID:679503616 ID:AVG.UPD.UPDATER:612.3109.BADF00D.0 MSG:Downloading .ctf files.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:05,807 xxxxxxxxxxxxxxx PID:63943 THID:679503616 ID:AVG.UPD.UPDATER:656.3109.BADF00D.0 MSG:Preparing update.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:25,009 xxxxxxxxxxxxxxx PID:63943 THID:679503616 ID:AVG.UPD.UPDATER:681.3109.BADF00D.0 MSG:Finalizing update.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:27,290 xxxxxxxxxxxxxxx PID:63943 THID:679494400 ID:AVG.LINUX.AVGUPD.COMPONENT:301.3109.BADF00D.0 MSG:Update shutting down.
[AVG.UPD.PUB] INFO 2015-02-17 09:40:27,291 xxxxxxxxxxxxxxx PID:63943 THID:679494400 ID:AVG.LINUX.AVGCOMPONENT:691.3109.BADF00D.0 MSG:Persistent statistics not implemented
投稿者: Cookie at 2015-02-18 09:37:35
/usr/local/bin/avgupdate を使えばOK
# /usr/local/bin/avgupdate
AVG command line update
Copyright (c) 2013 AVG Technologies CZ

Running update.
Initializing...
Downloading file: avg13infolx.ctf
Analyzing...
Analyzing...
Preparing installation...
Updating...
100% [=============================================>]

Update was successfully completed.

投稿者: Cookie at 2015-02-18 10:09:21
amavisd.confの記述
AVGのインストール時にamavisd.confに追加される
@av_scanners の設定だと、ウィルス検出通知メールに検出したウィルスの名称が反映されないので、amavis-newのデフォルトの設定例の記述に変更する必要がある。

■変更前
['AVG Anti-Virus',
\&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
qr/^200 [oO][kK]/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ],

■変更後
['AVG Anti-Virus',
\&ask_daemon, ["SCAN {}\n", '127.0.0.1:54322'],
qr/^200/m, qr/^403/m, qr/^403[- ].*: ([^\r\n]+)/m ],

投稿者: Cookie at 2015-02-19 12:48:50
無題
AVG Server Edition for FreeBSD を稼働させたサーバで、
「Too many open files in system」 とエラーが出たのでひとまず、kern.maxfiles を増やして対応したが、調べてみると、avgscand がスキャンした際の一時ファイル(ディレクトリ)が既に削除されているのにfstatで見ると大量に残っていることが判明。

avgscandがamavisd経由で起動しているので、一時ファイルを削除されたことが分からないのか?

投稿者: Cookie at 2015-02-20 11:47:37

この記事へのトラックバック

この記事へのトラックバックURL
http://shinshu.fm/MHz/77.88/a02343/0000459968.trackback

この記事の固定URL
http://shinshu.fm/MHz/77.88/archives/0000459968.html

記事へのコメント
 
簡単演算認証: 1 x 4 =
計算の答えを半角英数字で入力して下さい。
名前: [必須]
URL/Email:
タイトル:
コメント:
※記事・コメントなどの削除要請はこちら