#!/usr/local/bin/bash ################################################################### ################# UVUPDATE-1.3.2 ##################### ################################################################### # Script to automate downloading and installing new DAT files # and new engines from ftp.nai.com for the uvscan 4.x virus # scanner. ################################################################### # $date Wed Jan 30 16:17:43 EDT 2002 ################################################################### # Written by Julio Cesar Covolato and others # from the AMaViS-user list ################################################################### # Read the files README, INSTALL and CHANGES before installing. ################################################################### # ################################################################### # To debug, uncomment the next line: #set +x ################################################################### # ################################################################### # MAKE THE CHOICES AND CHANGES BELOW TO SUIT YOUR SYSTEM: ################################################################### # # # # ################################################################### # SETUP FOR UPDATES FROM DAILYDAT.ZIP OR OFICIAL DAT FILES: ################################################################### # # Do you want to install the _experimental_ "DAILYDAT.ZIP" instead # of the official DAT files? For further information see INSTALL # and the url: # http://www.mcafeeb2b.com/naicommon/avert/avert-research-center/virus-4d.asp # The choices are "yes" or "no". If you choose "yes" it will install # only the beta release, and if you choose "no", only the official # release will be installed. # INSTALL_DAILY="no" #INSTALL_DAILY="yes" URL_DAILYDAT="http://download.nai.com/products/mcafee-avert/daily_dats/DAILYDAT.ZIP" # ################################################ # Setup dir for uvscan binary and URL for NAI: ################################################ uvscan_dir="/usr/local/uvscan/" naisite="ftp://ftpeur.nai.com" ftpsite="${naisite}/pub/antivirus/datfiles/4.x" ############################################### prog=`basename "$0"` host=`hostname` logfile="/var/log/uvupdate" tmpfile="/tmp/$$.txt" ############################################ # Setup paths for commonly used programs: ############################################ grep="/usr/bin/grep" mail="/usr/bin/mail" wget="/usr/local/bin/wget" cut="/usr/bin/cut" tar="/usr/bin/tar" rm="/bin/rm" ls="/bin/ls" chmod="/bin/chmod" sed="/usr/bin/sed" echo="echo -e" unzip="/usr/local/bin/unzip" head="/usr/bin/head" awk="/usr/bin/awk" md5sum="/sbin/md5" tr="/usr/bin/tr" mv="/bin/mv" ################################################################# # Setup email address and subject to notify the administrator # of new versions or problems: ################################################################# mail_to="root" subject_ok="${host}: UVSCAN - New uvscan DAT files installed" subject_bad="${host}: UVSCAN - Something is wrong :(( " subject_nonew="${host}: UVSCAN - uvscan DAT files unchanged" subject_engine_ok="${host}: UVSCAN - New uvscan scan engine installed" subject_engine_bad="${host}: ERROR: UVSCAN NEW ENGINE DOESN'T MATCH MD5" ############################################ # Log choices are: mail, log, none: # Thanks to R.J. Baart ############################################ log_ok="mail" #log_ok="log" #log_ok="none" log_bad="mail" #log_bad="log" #log_bad="none" #log_nonew="mail" log_nonew="log" #log_nonew="none" ############################################################ # Setup wget flags ( see "man 1 wget" ): # If you are behind a firewall, you can add " --passive-ftp". # Thanks to Viraj Alankar ############################################################ wget_opt="-N -q -t 30 --proxy=off --passive-ftp" ################################################################### # You don't need to make changes below this point! ################################################################### if ! cd "${uvscan_dir}" ; then ${echo} "${prog}: ${uvscan} directory does not exist or not enough permissions" exit 1 fi # Get the actual running version of the DAT files and engine: DATVERSION=$(./uvscan --version|${grep} "Virus data file"|${cut} -c 18-21) ENGINE=$(./uvscan --version|${grep} engine|${sed} 's/\.//g'|${cut} -c 14-18) ######################################################## # Get the latest text file info "update.ini" from NAI: # # Thanks to Marcel Hammann # ######################################################## if ! ${wget} ${wget_opt} ${ftpsite}/update.ini ; then ${echo} "${prog}: ${wget} failed, status $?" exit 1 fi # Clean up "update.ini" (msdos ^M) and redirect the output to "uvupdate.ini". # It will look like this: #[Engine-LINUX] #EngineVersion=4160 #FileName=elnx4160.zip #FileSize=888430 #Checksum=5019,9DF8 #MD5=66ea8eef6f548c78ee1095748371eb98 #FilePath=/pub/antivirus/engine/4.x/ #DATVersion=4179 if ! ${sed} 's/.$//' update.ini|${sed} -n /Engine-LINUX/,/FilePath/p > uvupdate.ini; then ${echo} "${prog}: sed failed or can not create uvupdate.ini, status $?" exit 1 fi ${sed} 's/.$//' update.ini|${grep} DATVersion|${head} -1 >> uvupdate.ini # Extract new versions of dat and engine from "uvupdate.ini" DATVERSIONEW=$(${grep} DATVersion uvupdate.ini|${awk} -F= '{print $2}') ENGINENEW=$(${grep} EngineVersion uvupdate.ini|${awk} -F= '{print $2}') ############################################ # Test if there is a new engine available: # ############################################ if [ a${ENGINE} != a${ENGINENEW} ]; then # Get, check md5 and Install the new Engine! # Extract path and filename from "uvupdate.ini" for wget FilePath=$(${grep} FilePath uvupdate.ini|${awk} -F= '{print $2}') FileName=$(${grep} FileName uvupdate.ini|${awk} -F= '{print $2}') ${wget} ${wget_opt} ${naisite}${FilePath}${FileName} #test md5... MD5TXT=$(${grep} MD5 uvupdate.ini|${awk} -F= '{print $2}') MD5FILE=$(${md5sum} $FileName|${awk} -F" " '{print $4}') if [ "a${MD5TXT}" != "a${MD5FILE}" ]; then ${echo} "\n\tMD5 from NAI\t= ${MD5TXT}\n\tMD5 from \ ${FileName}\t= ${MD5FILE}"|"${mail}" -s "${subject_engine_bad}" "${mail_to}" exit 1 else # install it if ! ${unzip} -o ${FileName}; then ${echo} "${prog}: ${unzip} failed, status $?" exit 1 fi ${rm} -f ${FileName} ${echo} "\n\t New engine is $FileName!"|"${mail}" -s "${subject_engine_ok}" "${mail_to}" fi fi ####################################################### # Test if there is a new DAT files version available: # ####################################################### # If you want to update from the DAILYDAT.ZIP only: if [ "a${INSTALL_DAILY}" = "ayes" ]; then # Will make a DAILYDAT directory, if it doesn't aleady exist: if [ -d DAILYDAT ]; then cd DAILYDAT else mkdir DAILYDAT cd DAILYDAT fi # Get md5 from current DAILYDAT.ZIP, or set to "null", # if you are running for the first time or directory has no file: if ! [ -e DAILYDAT.ZIP ]; then MD5DAILY_CUR="null" else MD5DAILY_CUR=$(${md5sum} DAILYDAT.ZIP|${awk} -F" " '{print $1}') fi # Get and unzip the file if there is a new one: ${wget} ${wget_opt} ${URL_DAILYDAT} # Get md5 again and compare if it has changed. Because wget with the flag -N # doesn't show the exit status. IMHO it's a bug in wget: MD5DAILY_NEW=$(${md5sum} DAILYDAT.ZIP|${awk} -F" " '{print $1}') if [ "a${MD5DAILY_CUR}" != "a${MD5DAILY_NEW}" ]; then ${unzip} DAILYDAT.ZIP # Put in downcase and move to ../ for i in $(${ls} -1 *.DAT); do ${mv} -f $i $(${echo} $i | ${tr} A-Z a-z) done ${mv} -f *.dat ${uvscan_dir} DATINFO=$(${uvscan_dir}/uvscan --version|${grep} "Virus\ data") case "${log_ok}" in "log") ${echo} "${subject_ok}\nNew uvscan daily DAT files installed: ${DATINFO}" >> "${logfile}";; "mail") ${echo} "\n\n\n\tNew uvscan daily DAT files installed: ${DATINFO}\n\n\n" > "${tmpfile}"; cat "${tmpfile}"|"${mail}" -s "${subject_ok}" "${mail_to}"; ${rm} -f "${tmpfile}";; "none") ;; *) ${echo} "${prog}: Wrong value of var \$log_ok";; esac # Else, the DAILYDAT.ZIP has not changed fi # Done, Bye bye! exit 0 fi # If your choice is get the official DAT files: if [ "a${DATVERSION}" = "a${DATVERSIONEW}" ]; then case "${log_nonew}" in "log") ${echo} "${subject_nonew}\nThe uvscan DAT files are still up to date!" >>"${logfile}";; "mail") ${echo} "\n\n\n\tThe uvscan DAT files are still up to date!"| \ "${mail}" -s "${subject_nonew}" "${mail_to}";; "none") ;; *) ${echo} "${prog}: Wrong value of var \$log_nonew";; esac exit 0 # No new version! :(( Maybe tomorrow! ) else # Get and Install it!!! if ! ${wget} ${wget_opt} ${ftpsite}/dat-${DATVERSIONEW}.tar ; then ${echo} "${prog}: ${wget} DAT files failed, status $?" exit 1 fi if ! ${tar} xf dat-${DATVERSIONEW}.tar ; then ${echo} "${prog}: ${tar} new DAT files failed, status $?" exit 1 fi if ! ${chmod} 744 *.dat ; then ${echo} "${prog}: ${chmod} DAT files failed, status $?" exit 1 fi fi # We got the new DAT files version installed! Test it: NEWDAT=$(./uvscan --version|${grep} "Virus data file"|${cut} -c 18-21) if [ "a${NEWDAT}" = "a${DATVERSIONEW}" ]; then case "${log_ok}" in "log") ${echo} "${subject_ok}\nNew uvscan DAT files version is: ${NEWDAT}" >> "${logfile}"; ${sed} -n '/"NEW VIRUSES DETECTED AND REMOVED"/,/"UNDERSTANDING VIRUS NAMES"/p' readme.txt >> "${logfile}";; "mail") ${echo} "\n\n\n\tNew uvscan DAT files version is: ${NEWDAT}\n\n\n" > "${tmpfile}"; ${sed} -n '/"NEW VIRUSES DETECTED AND REMOVED"/,/"UNDERSTANDING VIRUS NAMES"/p' readme.txt >> "${tmpfile}"; cat "${tmpfile}"|"${mail}" -s "${subject_ok}" "${mail_to}"; ${rm} -f "${tmpfile}";; "none") ;; *) ${echo} "${prog}: Wrong value of var \$log_ok";; esac ${rm} -f dat-$DATVERSION.tar # We don't need the old version. else case "${log_bad}" in "log") ${echo} "${subject_bad}\nGo there: ${ftpsite}">>"${logile}";; "mail") ${echo} "Go there: ${ftpsite}"|"${mail}" -s "${subject_bad}" "${mail_to}";; "none") ;; *) ${echo} "${prog}: Wrong value of var \$log_ok";; esac fi exit