ClamAV Scan for Freenas Directories - nivinm/freenas GitHub Wiki

###Prep your jail Create standard jail in Freenas

Jails > Add Jails >

Jail Name: clamav_1

Autostart: X

Login to your freenas through shell

jexec clamav_1 tcsh

cd /mnt

mkdir [directory1] [directory2] ...

*Make the directories that you want to scan

Add all mount points to scan

From freenas: freenas web ui > jails > go to jail name a select > storage > add storage

Mount to the directories you created above

Install ClamAV

Update your ports collection

Run: portsnap fetch

Extract the snapshot

Run: portsnap extract

Install

cd /usr/ports/security/clamav && make install clean BATCH=yes

*BATCH=yes avoids all the prompts

If you get an error, you may need to run the following

cd /usr/ports/ports-mgmt/pkg

make deinstall reinstall

Have ClamAV start on server startup

echo 'clamav_freshclam_enable="YES"' >>/etc/rc.conf

echo 'clamav_clamd_enable="YES"' >>/etc/rc.conf

One time only run

touch /var/run/clamav/clamd.sock

Update ClamAV

freshclam

Start ClamAV

/usr/local/etc/rc.d/clamav-clamd start

Install Mail Server

pkg_add -r ssmtp

Add the following lines to ssmtp.conf

vi /usr/local/etc/ssmtp/ssmtp.conf

root=[gmail email account]

mailhub=smtp.gmail.com:587

AuthUser=[gmail email account]

AuthPass=[gmail email password]

UseSTARTTLS=YES

**Update the users full name **

chpass

Remove all the lines from mailer.conf

vi /etc/mail/mailer.conf

Replace with:

sendmail /usr/local/sbin/ssmtp

send-mail /usr/local/sbin/ssmtp

mailq /usr/libexec/sendmail/sendmail

newaliases /usr/libexec/sendmail/sendmail

hoststat /usr/libexec/sendmail/sendmail

purgestat /usr/libexec/sendmail/sendmail

Schedule your cron jobs in freenas

jexec clamav_1 /mnt/security/scripts/[script name].sh > /mnt/zfs/Security/cron/[log file name].log