[ENHANCEMENT] [DEV] Clamav on remote docker/socket

bunkerity / bunkerweb

🛡️ Open-source and next-generation Web Application Firewall (WAF)

https://www.bunkerweb.io

GNU Affero General Public License v3.0

6.39k stars 360 forks source link

[ENHANCEMENT] [DEV] Clamav on remote docker/socket #137

Closed thelittlefireman closed 3 years ago

thelittlefireman commented 3 years ago

Description Hi, due to the remove of Clamav, could it be possible to still scanning files from a remote container by port or socket connection ? https://github.com/bunkerity/bunkerized-nginx/commit/a991b262efdf192c38296c594b85a1579d0e7f5e https://github.com/mko-x/docker-clamav Thanks a lot

fl0ppy-d1sk commented 3 years ago

Might be a good idea to avoid the GPL "poisoning" and keep bunkerized-nginx lighter. It's also better in clustered environments IMO. I plan to add a plugin system so we can easily write and include new security tools like that. Maybe we can use the "remote ClamAV support" as a POC for a first plugin :)

fl0ppy-d1sk commented 3 years ago

Hello @thelittlefireman,

The plugins system is now integrated into the current version. A first version of the ClamAV plugin is also available (example here). Feel free to test it if you want and report any bug.