#!/bin/bash

# Script freely provided by Bill Landry (bill@inetmsg.com)
#
# Version 1.4 (last updated 7/13/07)
#   - Added checks to verify that the database files exist,
#     and if not, do an initial download, decompress and test
#   - Added variables for clamav signatures location path and
#     clamd user account (the account that clamd runs under)
#   - Added/modified script comments
#
# Version 1.3
#   - Added checks to either confirm the existance of the
#     temporary working directories or to create them
#   - Changed "cp --reply=yes" to "cp -f".  If this
#     causes problems with older versions of "cp",
#     you will need to change it back.
#
# Version 1.2
#   - Repointed URIs for SaneSecurity downloads to
#     the new mirror redirect links
#
# Version 1.1
#   - Converted MSRBL downloads from curl to rsync
#
# Version 1.0 (initial script created)

####################################################################
# SCRIPT USER EDIT SECTION - SET PROGRAM PATHS AND OTHER VARIABLES #
####################################################################

# Either set and export PATH ...
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/home/admispconfig/ispconfig/tools/clamav/bin
export PATH

# Edit quoted variables below to meet your own particular
# needs/requirements, but do not remove the "quote" marks
 
# ... or set individual program paths
#clamd="/usr/local/sbin/clamd"
clamscan="/home/admispconfig/ispconfig/tools/clamav/bin/clamscan"
#curl="/usr/local/bin/curl"
#gunzip="/bin/gunzip"
#rsync="/usr/bin/rsync"
#service="/sbin/service"
#test="/usr/bin/test"

# Set path to ClamAV signature files location and ClamD user account
clam_sigs="/home/admispconfig/ispconfig/tools/clamav/share/clamav"
clam_user="admispconfig"

# Set temp working directory paths (edit to meet your own needs)
tmp_dir="/var/tmp/clamdb"
rsync_dir="/var/tmp/rsync"

################################################################################
# END OF SCRIPT USER EDIT SECTION - YOU SHOULD NOT NEED TO EDIT ANYTHING BELOW #
################################################################################

# Check to see if the working directories shown above were created.
# If not, create them.  Otherwise, ignore and proceed with script
mkdir -p $tmp_dir $rsync_dir

# Change shell to ClamAV database directory (change path if necessary)
cd $clam_sigs

echo =================================
echo SaneSecurity SCAM Database Update
echo =================================
echo
# Check for existing SaneSecurity SCAM database file.  If it exists then
# run update check.  Otherwise, just download and extract the database file.
if [ ! -s scam.ndb ]
   then
      curl -L -R -o $tmp_dir/scam.ndb.gz \
         http://www.sanesecurity.com/clamav/scamsigs/scam.ndb.gz
            test -s $tmp_dir/scam.ndb.gz && \
            gunzip -cdf $tmp_dir/scam.ndb.gz > $tmp_dir/scam.ndb && \
            mv -f $tmp_dir/scam.ndb.gz . && \
            clamscan --quiet -d $tmp_dir/scam.ndb - < /dev/null && \
            mv -f $tmp_dir/scam.ndb .
   else
      curl -L -R -z scam.ndb.gz -o $tmp_dir/scam.ndb.gz \
         http://www.sanesecurity.com/clamav/scamsigs/scam.ndb.gz
            test -s $tmp_dir/scam.ndb.gz && \
            gunzip -cdf $tmp_dir/scam.ndb.gz > $tmp_dir/scam.ndb && \
            mv -f $tmp_dir/scam.ndb.gz . && \
            clamscan --quiet -d $tmp_dir/scam.ndb - < /dev/null && \
            cp -f scam.ndb scam.ndb-bak && \
            mv -f $tmp_dir/scam.ndb .
fi

echo
echo ==================================
echo SaneSecurity PHISH Database Update
echo ==================================
echo
# Check for existing SaneSecurity PHISH database file.  If it exists then
# run update check.  Otherwise, just download and extract the database file.
if [ ! -s phish.ndb ]
   then
      curl -L -R -o $tmp_dir/phish.ndb.gz \
         http://www.sanesecurity.com/clamav/phishsigs/phish.ndb.gz
            test -s $tmp_dir/phish.ndb.gz && \
            gunzip -cdf $tmp_dir/phish.ndb.gz > $tmp_dir/phish.ndb && \
            mv -f $tmp_dir/phish.ndb.gz . && \
            clamscan --quiet -d $tmp_dir/phish.ndb - < /dev/null && \
            mv -f $tmp_dir/phish.ndb .
   else
      curl -L -R -z phish.ndb.gz -o $tmp_dir/phish.ndb.gz \
         http://www.sanesecurity.com/clamav/phishsigs/phish.ndb.gz
            test -s $tmp_dir/phish.ndb.gz && \
            gunzip -cdf $tmp_dir/phish.ndb.gz > $tmp_dir/phish.ndb && \
            mv -f $tmp_dir/phish.ndb.gz . && \
            clamscan --quiet -d $tmp_dir/phish.ndb - < /dev/null && \
            cp -f phish.ndb phish.ndb-bak && \
            mv -f $tmp_dir/phish.ndb .
fi

echo
echo ==========================
echo MSRBL SPAM Database Update
echo ==========================
# Check for existing MSRBL SPAM database file.  If it exists then run
# update check.  Otherwise, just download and extract the database file.
if [ ! -s MSRBL-SPAM.ndb ]
   then
      rsync -t --stats rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-SPAM.ndb \
         $rsync_dir/MSRBL-SPAM.ndb
            cp -p $rsync_dir/MSRBL-SPAM.ndb $tmp_dir && \
            test -s $tmp_dir/MSRBL-SPAM.ndb && \
            clamscan --quiet -d $tmp_dir/MSRBL-SPAM.ndb - < /dev/null && \
            mv -u $tmp_dir/MSRBL-SPAM.ndb .
   else
      rsync -tu --stats rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-SPAM.ndb \
         $rsync_dir/MSRBL-SPAM.ndb
            test $rsync_dir/MSRBL-SPAM.ndb -nt MSRBL-SPAM.ndb && \
            cp -p $rsync_dir/MSRBL-SPAM.ndb $tmp_dir && \
            test -s $tmp_dir/MSRBL-SPAM.ndb && \
            clamscan --quiet -d $tmp_dir/MSRBL-SPAM.ndb - < /dev/null && \
            cp -f MSRBL-SPAM.ndb MSRBL-SPAM.ndb-bak && \
            mv -u $tmp_dir/MSRBL-SPAM.ndb .
fi

echo
echo ===========================
echo MSRBL IMAGE Database Update
echo ===========================
# Check for existing MSRBL IMAGES database file.  If it exists then run
# update check.  Otherwise, just download and extract the database file.
if [ ! -s MSRBL-Images.hdb ]
   then
      rsync -t --stats rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb \
         $rsync_dir/MSRBL-Images.hdb
            cp -p $rsync_dir/MSRBL-Images.hdb $tmp_dir && \
            test -s $tmp_dir/MSRBL-Images.hdb && \
            clamscan --quiet -d $tmp_dir/MSRBL-Images.hdb - < /dev/null && \
            mv -u $tmp_dir/MSRBL-Images.hdb .
   else
      rsync -tu --stats rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb \
         $rsync_dir/MSRBL-Images.hdb
            test $rsync_dir/MSRBL-Images.hdb -nt MSRBL-Images.hdb && \
            cp -p $rsync_dir/MSRBL-Images.hdb $tmp_dir && \
            test -s $tmp_dir/MSRBL-Images.hdb && \
            clamscan --quiet -d $tmp_dir/MSRBL-Images.hdb - < /dev/null && \
            cp -f MSRBL-Images.hdb MSRBL-Images.hdb-bak && \
            mv -u $tmp_dir/MSRBL-Images.hdb .
fi

# Set appropriate file access permissions
chown -R $clam_user:$clam_user $clam_sigs

# Remove any leftover files in the $tmp_dir working directory
# (should only happen when a corrupted database is detected)
rm -f $tmp_dir/*

# Reload databases (should not be necessary if you have "SelfCheck"
# enabled in clamd.conf and/or "NotifyClamd" enabled in freshclam.conf)
#service clamd reload