SSL VPN - LUA and AV Checks

Unanswered Question
Dec 18th, 2009
User Badges:

Hi,


Using the help file I have been able to force a DAP to check for the existance of an AV program...


assert( function()
    for k,v in pairs(endpoint.av) do
        if (EVAL(v.exists, "EQ", "true", "string")) then
            return CheckAndMsg(false, "AV Not Installed.", "AV Installed")
        end
    end
    return CheckAndMsg(true, "Please install antivirus software before connecting.", "Good, AV Installed")
end)()


This JUST checks for the existance of AV.  I have not had any luck combining this with checking for up to date defininitions of any AV client (I'm not a programmer!).


Has anyone done this, or have hints for getting this working?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Paul Carco Thu, 12/31/2009 - 14:14
User Badges:

had this working recently  we want DATs no less  than 15 days old..


EVAL(endpoint.av.McAfeeAV.lastupdate,"LT","1296000","integer")))


15 x 86400 = 1296000  (I am almost certain this is the calculation  ie, 86400 sec's a day)

rrfield Tue, 01/05/2010 - 12:40
User Badges:

That's close to what I found online somewhere, I don't remember where now to give propper credit...this works for any AV program.  I did have to upgrade to a beta version of CSD to get some AV's to work, notably AVG.  This is set to 7 days.


assert(function()
     local block_connection = true
     local update_threshold = "604800"
     for k,v in pairs(endpoint.av) do
          if CheckAndMsg(EVAL(v.exists, "EQ", "true", "string"), nil, k.." is not enabled") then
               if CheckAndMsg((type(v.lastupdate) == "string" and
tonumber(v.lastupdate) ~= nil), nil, "No virus definition file information was received for "..k) then
                    if CheckAndMsg(EVAL(v.lastupdate, "LT", update_threshold, "integer"), nil,
                                   k.." is enabled.  The virus definition file was updated "..string.sub((tonumber(v.lastupdate)/86400), 1, 3).." days ago. Please update to current signatures.") then
                         block_connection = false
                    end
               end
          end
     end
     return block_connection
end)()

Actions

This Discussion

Related Content