AVCTL
Description
Manages antivirus daemon.
Command
avctl [-v] [-o] [-q] [-B] [-r <reload flags>] [-R <reason>] [-s <filepath>] [-b] [--sbx-profile-file <profile>] [--sbx-ctx-file <context>] [-d] [-i] [-l]

  -h [ --help ] : Display this message
  -v [ --verbose ] : Enable verbosity
  -q [ --quiet ] : Do not print the results to standard output
  -B [ --background ] : Execute in background (will not print the results)
  -s [ --scan-file ] <file_path> : Scan the given file
  -b [ --sandboxing ] : Perform a sandboxing analysis (apply only when action is scan-file)
  --sbx-ctx-file <context> : File containing the sandboxing context parameters
  --sbx-ctx-src-addr <ip> : sandboxing context source address
  --sbx-ctx-src-port <port> : sandboxing context source port
  --sbx-ctx-dst-addr <ip> : sandboxing context destination address
  --sbx-ctx-dst-port <port> : sandboxing context destination port
  --sbx-ctx-dst-name <dtsname> : sandboxing context destination name ( only used in ftp and pop3 case )
  --sbx-ctx-src-mac <mac> : sandboxing context source mac address
  --sbx-ctx-user <user> : sandboxing context user
  --sbx-ctx-is-ssl (0|1) : sandboxing context indicates if the connection is SSL
  --sbx-ctx-blocked-by (av_filtering|sbx_filtering|antispam) : sandboxing context "blocked by" information
  --sbx-ctx-media-type (ex: application/pdf) : the media-type of the file
  --sbx-ctx-submit-file (0|1) : allow sending file to sandboxing
  --sbx-ctx-proto (HTTP|FTP|SMTP|POP3) : sandboxing context protocol
  --sbx-ctx-http-method (GET|POST|...) : sandboxing context HTTP method
  --sbx-ctx-http-url-path-query <url> : sandboxing context HTTP encoded url path and query(ex: "/download.php%3Fparam1%3Dval1%26param2%3Dval2")
  --sbx-ctx-http-dst-name <destname> : sandboxing context HTTP destination name
  --sbx-ctx-http-filename <filename> : sandboxing context HTTP file name
  --sbx-ctx-ftp-command (GET|PUT|...) : sandboxing context FTP command
  --sbx-ctx-ftp-filename <filename> : sandboxing context FTP file name
  --sbx-ctx-ftp-filepath <filepath> : sandboxing context FTP file path
  --sbx-ctx-ftp-is-download (0|1) : sandboxing context FTP indicates if this is a download
  --sbx-ctx-smtp-sender <sender> : sandboxing context SMTP sender
  --sbx-ctx-smtp-recipients <recipients> : sandboxing context SMTP recipients list (ex: "foo@domain.com,bar@domain.org")
  -r [ --reload-config ] (all|verbose|av_engine|av_settings|sbx_settings) : Make avd reload partially or totaly its configuration
  -d [ --dump-config ] : dump avd current configuration
  -i [ --dump-db-info ] : dump information about currently loaded Database
  -l [ --dump-license-info ] : dump information about currently loaded license
  -R [ --reload-reason ] <reason> : Text to explain why the reload was made
  -o [ --libxo ] (text|html|xml|json)[,pretty] : specify the output format (default is "text,pretty")
  --pause : pauses avd scans
  --resume : resumes avd scans
  --dump-file <filename> : Ask for a response dump, written to the specified file in json format
  --include-dir <directory> : Directory hosting flatbuffer definitions (optional)
  --schema-file <filepath> : Main flatbuffers definition file
Results
A command is sent to avd. Execution blocks until a response is received from avd, unless background execution is requested.