Beginning with release v1.1.2, it's possible to build custom file scanning when a file is uploaded. This could be used to enhance the Filetransfer appliance with your own Antivirus scanning engine, block word documents based on certain keywords, or build a more granular filetype check that will scan archives and use content-type. To name a few examples. Please post your scripts to the forum.
If the file /usr/local/bin/filescan is executable, it will be executed when a file has completed uploading with the format /usr/local/bin/filescan /path/to/the/uploaded/file. It expects the following exit codes:
| Exit code | Meaning |
|---|---|
| 0 | Allow the file upload to continue |
| >= 1 | Block the file |
If the file is blocked, write one line of output explaining why the file was blocked.
This example doesn't really make sense from a functionality perspective, and it makes it easy to see what to expect.
#!/usr/local/bin/ruby # # Install as /usr/local/bin/filescan and # chmod 755 /usr/local/bin/filescan to make it executable # if ARGV[0] =~ /\.png$/i puts "PNG's are not allowed" exit 1 end
What it does is to check the first argument on the command line (the path to the file), and if the path name ends in ”.png” (case insensitive), it will write on the console that “PNG's are not allowed”, and exit with an exit code of 1.
This will block all png's from being uploaded since any file name ending in .png will generate an exit code of 1, and the message “PNG's are not allowed” will be presented back to the user.
If you wanted to scan inside the file instead, use something like this
#!/bin/sh # # install as /usr/local/bin/filescan and # chmod 755 /usr/local/bin/filescan to make it executable # if [[ `grep secret $1 | wc -l` -gt 0 ]]; then echo "Please don't send secret documents" exit 1 fi