AVCTL

Description

Manages the antivirus daemon (avd).

Command

avctl [-v] [-o] [-q] [-B] [-r <reload flags>] [-R <reason>] [-s <filepath>] [-b] [--sbx-profile-file <profile>] [--sbx-ctx-file <context>] [-d] [-i] [-l]
-h [ --help ] : Display this message
-v [ --verbose ] : Enable verbosity
-q [ --quiet ] : Do not print the results to standard output
-B [ --background ] : Execute in background (will not print the results)
-s [ --scan-file ] <file_path> : Scan the given file
-b [ --sandboxing ] : Perform a sandboxing analysis (apply only when action is scan-file)
--sbx-ctx-file <context> : File containing the sandboxing context parameters
--sbx-ctx-src-addr <ip> : sandboxing context source address
--sbx-ctx-src-port <port> : sandboxing context source port
--sbx-ctx-dst-addr <ip> : sandboxing context destination address
--sbx-ctx-dst-port <port> : sandboxing context destination port
--sbx-ctx-dst-name <dtsname> : sandboxing context destination name ( only used in ftp and pop3 case )
--sbx-ctx-src-mac <mac> : sandboxing context source mac address
--sbx-ctx-user <user> : sandboxing context user
--sbx-ctx-is-ssl (0|1) : sandboxing context indicates if the connection is SSL
--sbx-ctx-blocked-by (av_filtering|sbx_filtering|antispam) : sandboxing context "blocked by" information
--sbx-ctx-media-type (ex: application/pdf) : the media-type of the file
--sbx-ctx-submit-file (0|1) : allow sending file to sandboxing
--sbx-ctx-proto (HTTP|FTP|SMTP|POP3) : sandboxing context protocol
--sbx-ctx-http-method (GET|POST|...) : sandboxing context HTTP method
--sbx-ctx-http-url-path-query <url> : sandboxing context HTTP encoded url path and query(ex: "/download.php%3Fparam1%3Dval1%26param2%3Dval2")
--sbx-ctx-http-dst-name <destname> : sandboxing context HTTP destination name
--sbx-ctx-http-filename <filename> : sandboxing context HTTP file name
--sbx-ctx-ftp-command (GET|PUT|...) : sandboxing context FTP command
--sbx-ctx-ftp-filename <filename> : sandboxing context FTP file name
--sbx-ctx-ftp-filepath <filepath> : sandboxing context FTP file path
--sbx-ctx-ftp-is-download (0|1) : sandboxing context FTP indicates if this is a download
--sbx-ctx-smtp-sender <sender> : sandboxing context SMTP sender
--sbx-ctx-smtp-recipients <recipients> : sandboxing context SMTP recipients list (ex: "foo@domain.com,bar@domain.org")
-r [ --reload-config ] (all|verbose|av_engine|av_settings|sbx_settings) : Make avd reload its configuration, partially or totally
-d [ --dump-config ] : dump avd current configuration
-i [ --dump-db-info ] : dump information about currently loaded Database
-l [ --dump-license-info ] : dump information about currently loaded license
-R [ --reload-reason ] <reason> : Text to explain why the reload was made
-o [ --libxo ] (text|html|xml|json)[,pretty] : specify the output format (default is "text,pretty")
--pause : pauses avd scans
--resume : resumes avd scans
--dump-file <filename> : Ask for a response dump, written to the specified file in json format
--include-dir <directory> : Directory hosting flatbuffer definitions (optional)
--schema-file <filepath> : Main flatbuffers definition file

Results

A command is sent to avd. Execution blocks until a response is received from avd, unless background execution is requested.

Example
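
The following is an added example, not part of the original page: a POSIX sh wrapper that percent-encodes a path and query in the form shown for --sbx-ctx-http-url-path-query and hands it to a sandboxing scan as separate, quoted arguments. The function names, the AVCTL_RUN switch and the sample values are assumptions; the flags come from the option list above, and the page does not confirm that avd accepts this exact combination.

```sh
#!/bin/sh
# Percent-encode everything except unreserved characters and "/", matching
# the documented sample ("?" -> %3F, "=" -> %3D, "&" -> %26). ASCII input assumed.
urlencode_path_query() {
    s=$1 out=
    while [ -n "$s" ]; do
        rest=${s#?}        # string without its first character
        c=${s%"$rest"}     # the first character
        case $c in
            [a-zA-Z0-9._~/-]) out=$out$c ;;
            *) out=$out$(printf '%%%02X' "'$c") ;;
        esac
        s=$rest
    done
    printf '%s\n' "$out"
}

# Hypothetical helper: scan a file fetched over HTTP, with sandboxing context.
# Usage: scan_http_download <file> <dst-name> <raw path?query>
# Values that originate from network traffic are passed as separate quoted
# arguments, never pasted into a string that the shell parses again.
scan_http_download() {
    file=$1 dst=$2 pq=$(urlencode_path_query "$3")
    set -- -s "$file" -b \
        --sbx-ctx-proto HTTP --sbx-ctx-http-method GET \
        --sbx-ctx-http-dst-name "$dst" \
        --sbx-ctx-http-url-path-query "$pq" \
        -o json,pretty
    if [ "${AVCTL_RUN:-0}" = 1 ]; then
        avctl "$@"                 # real run, only when AVCTL_RUN=1
    else
        printf '%s\n' "avctl $*"   # default: show what would be executed
    fi
}

# Constructed sample values (not from the original page).
scan_http_download /tmp/sample.pdf files.example.com \
    '/download.php?param1=val1&param2=val2'
```

Without AVCTL_RUN=1 the script only prints the command line, so it can be checked on a machine that has no avctl binary.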