#!/bin/sh
# this script uses fget from http://www-dev.cso.uiuc.edu/fget/. Please use
# version 1.2.6 or later, as it fixes problems with Windows NT ftp servers.
# Test file (eicar.com) is scanned by user alias using newly downloaded
# antivirus database, i.e. ~alias/.AVP/AvpUnix.ini should contain
# BasePath=/usr/local/AVP/updates

DAYOFWEEK=`date +%w`
DAYSTAMP=`date +%d%b%Y`

#export http_proxy=
#export ftp_proxy=

AVPDIR="/opt/AVP"
URL="ftp://ftp.kav.ch/updates/"
#URL="ftp://ftp.kaspersky.ru/updates/"

cd $AVPDIR >> $AVPDIR/update_avp-$DAYOFWEEK.log 2>&1
#mkdir -p tmp old >> $AVPDIR/update_avp-$DAYOFWEEK.log 2>&1
#cd tmp > $AVPDIR/update_avp-$DAYOFWEEK.log 2>&1

cd $AVPDIR
/usr/local/bin/fget $URL

#looks like it's up!

BASES=`ls -l BASES`
UPDATES=`ls -l updates`
DIFF=`diff -u BASES updates`
if [ "$BASES" = "$UPDATES" ]; then
	 echo "No changes - exiting"  > $AVPDIR/update_avp-$DAYOFWEEK.log 2>&1
	 exit
fi

#Now run avp against test virus to ensure it's working

#Create test virus file
echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > eicar.com
DD=`su alias -c '/usr/bin/kavscanner eicar.com'`  > $AVPDIR/update_avp-$DAYOFWEEK.log 2>&1
rm -f eicar.com
if [ "`echo $DD|grep \"eicar.com infected: EICAR-Test-File\"`" = '' ]; then
	echo "Didn't detect EICAR test virus - Email admin - exiting"  >> $AVPDIR/update_avp-$DAYOFWEEK.log 2>&1
	(cat<<EOF
From: Virus Scanner Downloader <root>
To: virus-reports@xxx
Subject: Bad update BASE

Transaction log follows:

EOF
cat $AVPDIR/update_avp-$DAYOFWEEK.log
)|/usr/sbin/sendmail -oi -t
	exit
else
	echo "Passed EICAR test - copy new BASES live"
	rm -rf BASES
	cp -a updates BASES
	#Send Email notification
	        (cat<<EOF
From: Virus Scanner Downloader <root>
To: virus-reports@xxx
Subject: Base files updated

Antivirus database updated successfully:

$DIFF

EOF
)|/usr/sbin/sendmail -oi -t
	
fi
