Koozali.org: home of the SME Server
Obsolete Releases => SME Server 9.x => Topic started by: bobert312 on August 23, 2017, 04:48:23 PM
-
Ths morning I received a notification that the freshclam update failed. Now some of the outgoing mail isn't arriving at the destination but others are which makes no sense to me. Some advice on what to check would be greatly appreciated.
-
freshclam failing shouldn't be a big issue if it's rare (it can be for example that you lost connectivity for a few minutes at the wrong hour for example). Why do you think it's related to email not arriving at destination ? You should have a look at /var/log/qmail/current to see what's happening to those emails, but if the problem was related to clamav, your client (eg Thunderbird) would be informed immediatly of the reject
-
I get every hour e-mail notification that freshclam failed.
After I try manually to start freshclam I got:
# freshclam
ClamAV update process started at Wed Aug 23 20:15:31 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 20:15:37 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
Trying host db.local.clamav.net (195.222.33.229)...
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 20:15:42 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 20:15:48 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
Trying host db.local.clamav.net (195.222.33.229)...
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 20:15:53 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 20:15:58 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
ERROR: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
ERROR: Can't download daily.cvd from db.local.clamav.net
Giving up on db.local.clamav.net...
ClamAV update process started at Wed Aug 23 20:15:59 2017
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
ERROR: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on database.clamav.net (IP: 195.222.33.229)
ERROR: Can't download daily.cvd from database.clamav.net
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
-
I follow-up http://www.clamav.net/documents/official-mirror-faq (http://www.clamav.net/documents/official-mirror-faq) - clean up /var/clamav and then freshclam successfully updates, BUT than trying incremental it again fails.
# freshclam
ClamAV update process started at Wed Aug 23 21:01:18 2017
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr )
WARNING: getfile: daily-23698.cdiff not found on db.local.clamav.net (IP: 193.92 .150.194)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229 )
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 21:02:04 2017
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr )
WARNING: getfile: daily-23698.cdiff not found on db.local.clamav.net (IP: 193.92 .150.194)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229 )
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 21:02:31 2017
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr )
Trying host db.local.clamav.net (193.92.150.194)...
WARNING: getfile: daily-23698.cdiff not found on db.local.clamav.net (IP: 193.92.150.194)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 21:03:00 2017
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
nonblock_connect: connect timing out (30 secs)
Can't connect to port 80 of host db.local.clamav.net (IP: 193.92.150.194)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 21:03:36 2017
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Trying host db.local.clamav.net (193.92.150.194)...
WARNING: getfile: daily-23698.cdiff not found on db.local.clamav.net (IP: 193.92.150.194)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
WARNING: Can't download daily.cvd from db.local.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 23 21:04:07 2017
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Trying host db.local.clamav.net (193.92.150.194)...
WARNING: getfile: daily-23698.cdiff not found on db.local.clamav.net (IP: 193.92.150.194)
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
ERROR: getpatch: Can't download daily-23698.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on db.local.clamav.net (IP: 195.222.33.229)
ERROR: Can't download daily.cvd from db.local.clamav.net
Giving up on db.local.clamav.net...
ClamAV update process started at Wed Aug 23 21:04:32 2017
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Trying host database.clamav.net (193.92.150.194)...
WARNING: getfile: daily-23698.cdiff not found on database.clamav.net (IP: 193.92.150.194)
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-23698.cdiff from database.clamav.net
ERROR: getpatch: Can't download daily-23698.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: getfile: daily.cvd not found on database.clamav.net (IP: 195.222.33.229)
ERROR: Can't download daily.cvd from database.clamav.net
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
-
Been suffering freshclam update failed since 0222UTC this moring. All but three of the roughly hourly updates has failed. Found the "freshclam --list-mirrors" command, that listed 43 mirror IPs but only four with todays date and all four set to Ignore. A DNS lookup of database.clamav.net only returns four IPs, yep the four set to ignore.
Deleted /var/clamav/mirrors.dat, ran freshclam -v, I didn't think it was 100% succesfull and all four IP's got listed as ignore. Deleted mirrors.dat again and subseqent runs say it says it is up todate. Now waiting for the release of an update to see what happens.
Why has it fallen over? It looks like there have been some changes to the mirrors or at least what the DNS returns for database.clamav.net. In that list of 43 mirrors there was one or two from last year, and about half of the rest from February and the rest from the last day or two. Most not set to ignore but as none of those are returned by the DNS lookup aren't used. Don't know why the mirrors aren't maintaining sync though, some unexpected consequence?
-
https://www.clamav.net/documents/official-mirror-faq
probably an issue with clamav mirror, just wait 24 more hours to see it to resolve by itself.
-
Agreed, not an SME Server problem. The occasional freshclam update does fail, "occasional" being once or twice a year. Not like today with almost every attempt to update failling for over 18 hours. I got fed up with the emails and waiting for it to sort itself out. My system has now done a succesful automatic update using just a single mirror at 2127UTC.
-
allsorts
The update fails this way probably once a year for the last 10 years or so. It's just a temporary problem, & usually self fixes within a day or two, so be patient.
-
Still a pain in the nether regions, been over 30 hrs now down here, longest one for some time
-
Same for me about two days [UK] so today;
# rm /var/clamav/mirrors.dat
# freshclam -v
twice now have ;
ClamAV update process started at Thu Aug 24 10:10:38 2017
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 180
Software version from DNS: 0.99.2
main.cvd version from DNS: 58
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
daily.cvd version from DNS: 23705
daily.cld is up to date (version: 23705, sigs: 1742511, f-level: 63, builder: neo)
bytecode.cvd version from DNS: 309
bytecode.cld is up to date (version: 309, sigs: 69, f-level: 63, builder: bbaker)
Lets see :)
-
I don't know if this is associated with the problem I'm having or not. The outgoing emial doesn't seem to be working. Sometimes it will go out but takes over 2 hours to get to the destination, other times it never arrives. I tried the "fix" for clamav and the mail worked again but now has stopped once again. What do I need to check?
-
Like I said, you should check /var/log/qmail/current
-
/usr/bin/refreshclam
seems to fix it.
See here:
https://wiki.contribs.org/Clamav:freshclam_update
-
The output from /var/log/qmail/current
Shows several of these entries which vary slightly
I replaced our actual ip with XX.XX.XXX.XX for security. I suppose this means that one of our clients has picked up a virus.
@40000000599ef6ed1f0b22cc delivery 659232: deferral: Connected_to_98.136.216.25_but_sender_was_rejected./Remote_host_said:_421_4.7.0_[TSS04]_Messages_from_XX.XX.XXX.XXX_temporarily_deferred_due_to_user_complaints_-_4.16.55.1;_see_https://help.yahoo.com/kb/postmaster/SLN3434.html/
maybe, but this message is OT in this TOpic.. I'll split it to another one
-
see/follow https://forums.contribs.org/index.php/topic,53276.0.html
-
This is getting beyond a joke, still not resolving for me down here..
yes /usr/bin/refreshclam has been used 24, 12 hrs ago, and now..still borked
How to turn off failure email?
-
This is getting beyond a joke, still not resolving for me down here..
yes /usr/bin/refreshclam has been used 24, 12 hrs ago, and now..still borked
How to turn off failure email?
Disable email anti virus scan in server manager.
-
Sweet - Ta :-)
-
Finally got it to update, added, just one server, another two still borked..FML :-):
https://forums.contribs.org/index.php/topic,49578.msg248940.html#msg248940
# Shutdown clam so clamd.socket file is removed
service clamd stop
# Navigate to clamav folder
cd /var/clamav
# Remove ALL files from folder to provide clean slate for update process
rm -f /var/clamav/* (you could skip the -f & confirm every file delete for safety)
# Restart clam
service clamd start
# Update sigs
freshclam -v (--no-dns can be used if just -v fails tho I haven't struck this issue)
Surprised the /usr/bin/refreshclam wasn't doing the job
-
I'm still having no luck, it seems that all the database files have been removed from the Clamav web sites. If I look at https://www.clamav.net/downloads and open the Virus Database link the three files are listed but clicking on any of them returns a 404 error.
If I do a freshclam -v it fails trying to connect to http://db.local.clamav.net/main.cvd, if I try wget I get the following.
wget http://db.local.clamav.net/main.cvd
--2017-08-25 10:02:22-- http://db.local.clamav.net/main.cvd
Resolving db.local.clamav.net... 193.1.193.64
Connecting to db.local.clamav.net|193.1.193.64|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2017-08-25 10:02:22 ERROR 404: Not Found.
-
I'm still having no luck, it seems that all the database files have been removed from the Clamav web sites
Yep still up the shite :-), managed to get one update to happen and have had no luck since..
-
Disable email anti virus scan in server manager.
Na, doesn't stop the clam update failure email to admin...
-
So: http://blog.clamav.net/2017/08/cvd-download-issues-for-august-23-2017.html
and
http://lists.clamav.net/pipermail/clamav-users/2017-August/004990.html
Non techy speak, sit on your arse and wait :-)
-
Na, doesn't stop the clam update failure email to admin...
My bad, i understood that you were not able to recieve or send email by "failure email", misread it to email failure.....
You could maybe ask a nfr as abug to have this logged instead of a mail... plus an email every day if it has failed for more 24h ie db older than 24h.
So: http://blog.clamav.net/2017/08/cvd-download-issues-for-august-23-2017.html
and
http://lists.clamav.net/pipermail/clamav-users/2017-August/004990.html
Non techy speak, sit on your arse and wait :-)
As i said earlier.
-
While clam updates are mostly back now, still having occasional update failure .. pain in the !@#$
-
Hi all,
A friend had same problem for two days. From my server, I copied /var/clamav/daily.cld to his server then freshclam -v.
All started working correctly; the files daily.cld and mirrors.dat got updated.
Michel-André
-
Michelandre,
maybe you can update this page https://wiki.contribs.org/Clamav:freshclam_update with you findings please?
TIA
-
Clamav mailing lists..
This, put it in your bag of last option solutions..
http://lists.clamav.net/pipermail/clamav-users/2017-August/005014.html
Added :
For those of us living on the underside of the planet freshclam.conf has
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net
Both resolve to only one ip 193.1.193.64 and that is being problematic, so whatever you do even using the wikis refreshclam it always resolves, for those in OZ, maybe NZ as well, to that ip, and as its up and down, so you get the update failures that are still happening down here. Works for a while then borks again.
So I have done as suggested in the clamav ML, link above, and now pull from a german mirror :-)
When the Oz mirror settles down and behaves I will reset the freshclam.conf back to its default settings
-
Bloody hell, and when you go looking for location of that supposedly "local" ip,
inetnum: 193.1.193.0 - 193.1.193.127
org: ORG-HA8-RIPE
netname: HEANET-MIRROR
descr: Network for ftp.heanet.ie services
descr: Mirror Mirror on the wall who is the
descr: fairest FTP server of them all
country: IE
-
As Terry pointed out this is an issue with clamav mirrors and is particularly bad for the upsidedowners.
It is well worth keeping an eye on the clamav list.
-
maybe we could implement a faster and functional mirror script that run every weeks to choose first mirror in the freshclam conf file...
-
The problem for us down here is that freschlam.conf has this
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net
For us down here that resolves to one IP and that is not even in our hemisphere, any issues with the route to there, whooshaka, we are effed..hence why I temporarily set my *.conf to:
DatabaseMirror db.DE.clamav.net
DatabaseMirror database.clamav.net
At least allowed updates Now back to default, all is working as it should
-
hence why I temporarily set my *.conf to:
DatabaseMirror db.DE.clamav.net
DatabaseMirror database.clamav.net
Problem I encountered doing this is that freshclam.conf gets regenerated even without a reboot/reconfigure, nuking the workaround. Probably why someone reported the workaround only worked for a while.
I guess this will need to go into a new template fragment to be useful so it survives...a task for more time...
In response to a previous comment by TerryF, yes, this is also affecting NZ and is a pain in the proverbials.....
-
I guess we need to fix this soonish. Is there no one in the Clam community thinking about a work around?
-
TerryF has posted the link to the Clam community which contains their workaround, albeit not a strong workaround however as I found, the templating system seems to add an additional layer of complexity to the workaround.
IMHO, the whole situation is less than satisfactory at present but that is one of the joys of the open-source community we must live with.....
-
config setprop clamav DatabaseMirror your_preferred_mirror
expand-template /etc/freshclam.conf
am I missing anything obvious or this is the right way to change the DatabaseMirror property?
-
p-jones & Terry
with deference to Stefano I wrote this while you were replying
I took the cue from Terrys earlier message & external link.
Yes it seems freshclam.conf does get regenerated
I made a custom template & all works fine now using db.de.clamav.net
mkdir -p /etc/e-smith/templates-custom/etc/freshclam.conf
cp /etc/e-smith/templates/etc/freshclam.conf/DatabaseMirror /etc/e-smith/templates-custom/etc/freshclam.conf/
nano -w /etc/e-smith/templates-custom/etc/freshclam.conf/DatabaseMirror
edit to read
{
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# Default: There is no default, which results in an error when running freshclam
$OUT = "DatabaseMirror db.de.clamav.net\n";
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
$OUT .= "DatabaseMirror db.de.clamav.net";
}
Save
Ctrl + o
signal-event email-update
refreshclam
Should work OK after that.
When external issues are resolved later, remove the custom template & run
signal-event email-update
I even wonder (not tried coz I'm busy enough) if it's just as simple/easier to change the db property for clamav
config show clamav
config setprop clamav DatabaseMirror db.de.clamav.net
signal-event email-update
-
Sweet janet..
config setprop clamav DatabaseMirror your_preferred_mirror
expand-template /etc/freshclam.conf
am I missing anything obvious or this is the right way to change the DatabaseMirror property?
No, but for a quick and easy fix to run freshclam once to ensure an update, for me it was easier and quicker to just add the databasemirror to something that is up and working and the clam ML gave the answer.
DatabaseMirror 180.92.182.5
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net
I didn't even delete the default setting of "local" just added a DatabaseMirror=working_ipaddress before it, see clamav ML.
I hunted the problem down, the why etc, I found a quick and easy solutiuon that allowed me to update clam on 4 systems, and to stop the effing failure emails filling up my inbox..
It worked for me, and that all that matters :-)
and yes janet it did cross my mind to do a custom template, being me, the quick dirty way was easierr :-)
-
I would not change the second mirror host..
BTW, if you really want to change it, just edit your fragment to use some info you can store in the db..
something like
{
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# Default: There is no default, which results in an error when running freshclam
$OUT = "DatabaseMirror $clamav{DatabaseMirror}\n";
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
$OUT = "DatabaseMirror $clamav{DatabaseMirror2}\n";
}
in this way you can keep your custom fragment and edit both the lines; just store the info with
config setprop clamav DatabaseMirror2 your_other_mirror
finally, since the second line is a fall back, setting the same value for both lines makes no sense to me..
-
for all the guys in the other part of the world, take a look here:
https://www.clamav.net/documents/mirrors
is there anyone interested directly (or not) to create a new clamav mirror?
another (partial) solution is to setup a private mirror (see https://www.clamav.net/documents/private-local-mirrors) and use it for all your servers.. in this way you have only one machine to keep updated, all others will update from your server
-
Thanks Stefano..
Even tried downloading the cvd files from the clam site, no joy, why? because the url resolves to the ip in Ireland that we are being directed to by the conf file etc for updates hate them :-)
-
try using db.us.clamav.net ad your databasemirror
stefano@stefano-HP ~ $ host db.us.clamav.net
db.us.clamav.net is an alias for db.us.big.clamav.net.
db.us.big.clamav.net has address 155.98.64.87
db.us.big.clamav.net has address 168.143.19.95
db.us.big.clamav.net has address 194.8.197.22
db.us.big.clamav.net has address 194.186.47.19
db.us.big.clamav.net has address 198.148.78.4
db.us.big.clamav.net has address 200.236.31.1
db.us.big.clamav.net has address 204.130.133.50
db.us.big.clamav.net has address 207.57.106.31
db.us.big.clamav.net has address 208.72.56.53
db.us.big.clamav.net has address 64.6.100.177
db.us.big.clamav.net has address 64.22.33.90
db.us.big.clamav.net has address 69.12.162.28
db.us.big.clamav.net has address 69.163.100.14
db.us.big.clamav.net has address 104.131.196.175
db.us.big.clamav.net has address 128.199.133.36
db.us.big.clamav.net has address 150.214.142.197
BTW, we'd modify the DatabaseMirror fragment to use a list of hosts
{
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# Default: There is no default, which results in an error when running freshclam
foreach my $host (split(',', ${clamav}{DatabaseMirror}))
{
$OUT .= "DatabaseMirror $host\n";
}
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
$OUT .= "DatabaseMirror database.clamav.net";
}
storing all the mirrors we want with
config setprop clamav DatabaseMirror host1,host2,...,hostn
the order of the hostnames will define their priority
NB: not tested, just an idea
Edit: corrected my code, now it's working as expected
-
just keeping thinking loud, maybe mine is not a solution, 'cause in freshclam.conf's man page there's no mention about how many lines will be used..
it says
DatabaseMirror STRING
DatabaseMirror specifies to which mirror(s) freshclam should connect. You should have at least two entries: db.XY.clamav.net (or db.XY.ipv6.clamav.net for IPv6) and database.clamav.net (in this order). Please replace XY with your country code (see http://www.iana.org/cctld/cctld-whois.htm). database.clamav.net is a round-robin record which points to our most reliable mirrors. It’s used as a fall back in case db.XY.clamav.net is not working.
Default: database.clamav.net
so, we must have at least 2 lines.. but for other directives man page says explicitly:
This option can be used multiple times. (cfr DatabaseCustomURL)
anyone here have any idea?
-
Light at the end of the tunnel :-)
http://lists.clamav.net/pipermail/clamav-users/2017-August/005038.html
-
Light at the end of the tunnel :-)
http://lists.clamav.net/pipermail/clamav-users/2017-August/005038.html
the fix is quite simple, it is
1- to check mirror health and only present on round robin dns healthy mirrors...
2- add at least a second alternative to ftp.heanet.ie ( not depending from it)
From what I understand their default mirror is the famous db.ie.clamav.net has address 193.1.193.64.
Either you have a country with public mirrors, and you will get a list, with some syncing from the ie mirror and other from another
$ host database.clamav.net
database.clamav.net is an alias for db.local.clamav.net.
db.local.clamav.net is an alias for db.ca.clamav.net.
db.ca.clamav.net has address 67.215.9.147
db.ca.clamav.net has address 200.236.31.1
db.ca.clamav.net has address 172.255.51.117
db.ca.clamav.net has address 207.210.46.249
$ host db.us.clamav.net
db.us.clamav.net is an alias for db.us.big.clamav.net.
db.us.big.clamav.net has address 207.57.106.31
db.us.big.clamav.net has address 128.199.133.36
db.us.big.clamav.net has address 200.236.31.1
db.us.big.clamav.net has address 150.214.142.197
db.us.big.clamav.net has address 69.12.162.28
db.us.big.clamav.net has address 69.163.100.14
db.us.big.clamav.net has address 104.131.196.175
db.us.big.clamav.net has address 64.22.33.90
db.us.big.clamav.net has address 208.72.56.53
db.us.big.clamav.net has address 155.98.64.87
db.us.big.clamav.net has address 168.143.19.95
db.us.big.clamav.net has address 204.130.133.50
db.us.big.clamav.net has address 64.6.100.177
db.us.big.clamav.net has address 194.8.197.22
db.us.big.clamav.net has address 194.186.47.19
db.us.big.clamav.net has address 198.148.78.4
$ host db.de.clamav.net
db.de.clamav.net has address 195.30.97.3
db.de.clamav.net has address 62.245.181.53
db.de.clamav.net has address 144.76.28.11
db.de.clamav.net has address 213.174.32.130
db.de.clamav.net has address 88.198.17.100
db.de.clamav.net has address 178.63.73.246
db.de.clamav.net has address 62.27.56.14
db.de.clamav.net has address 130.133.110.67
db.de.clamav.net has address 212.227.138.145
db.de.clamav.net has address 62.201.161.84
db.de.clamav.net has address 5.9.253.237
db.de.clamav.net has address 193.27.49.165
db.de.clamav.net has address 84.39.110.99
either you are an unlucky French where all the available mirror sync from the faulty mirror
$ host db.fr.clamav.net
db.fr.clamav.net has address 46.29.125.16
db.fr.clamav.net has address 212.180.1.29
db.fr.clamav.net has address 193.51.160.14
db.fr.clamav.net has address 91.193.56.105
db.fr.clamav.net has address 51.15.177.217
db.fr.clamav.net has address 193.52.101.131
db.fr.clamav.net has address 178.32.100.7
db.fr.clamav.net has address 178.33.105.132
or simply there is no local mirror and you are default to the ie ftp.heanet.ie:
$ host db.au.clamav.net
db.au.clamav.net has address 193.1.193.64
$ host db.nz.clamav.net
db.nz.clamav.net is an alias for db.au.clamav.net.
db.au.clamav.net has address 193.1.193.64
from our perspective, Stefano suggestion is an easy approach to have a few more alternatives, I would complete it this way :
{
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# Default: There is no default, which results in an error when running freshclam
my $localmirrors = ${clamav}{DatabaseMirror} || "db.local.clamav.net";
foreach my $host (split(',' , $localmirrors ))
{
$OUT .= "DatabaseMirror $host\n";
}
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
$OUT .= "DatabaseMirror database.clamav.net";
}
Furthermore we could change the default value
db.local.clamav.net
to
db.local.clamav.net, db.de.clamav.net. db.us.clamav.net,db.jp.clamav.net
this way, we would have 3 regional alternatives from 3 different regions in the world before defaulting on the global one that is mostly already the first one if you have the head downside...
-
Janet...some systems might need:
mkdir -p /etc/e-smith/templates-custom/etc/freshclam.conf first..
-
Dear All
It seems db.de.clamav.net DatabaseMirror is now playing up in Sydney, Oz. Getting hourly messages of failures to update.
Specifying multiple database hosts is probably a good idea.
-
G'day janet..
Only way I have been able to prevent the constant errors and get a server to be consistent, is to use an actual ip that I know is working and manually edit the conf file. Don't want to muck about with the template just yet.
DatabaseMirror 198.148.78.4
DatabaseMirror 172.255.51.117
# DatabaseMirror db.local.clamav.net
# DatabaseMirror database.clamav.net
First is in US second French..
The database.clamav.net url is now useless and resolves to an error, hence why I have hashed it out.
db is set to the first ip..
Did what the clamav ML described..
Found what ips resolved from locale urls
[root@fagehome ~]# host db.fr.clamav.net
db.fr.clamav.net has address 46.29.125.16
db.fr.clamav.net has address 51.15.177.217
db.fr.clamav.net has address 178.32.100.7
db.fr.clamav.net has address 178.33.105.132
db.fr.clamav.net has address 193.52.101.131
db.fr.clamav.net has address 212.180.1.29
[root@fagehome ~]# host db.us.clamav.net
db.us.clamav.net is an alias for db.us.big.clamav.net.
db.us.big.clamav.net has address 69.12.162.28
db.us.big.clamav.net has address 69.163.100.14
db.us.big.clamav.net has address 150.214.142.197
db.us.big.clamav.net has address 155.98.64.87
db.us.big.clamav.net has address 194.8.197.22
db.us.big.clamav.net has address 198.148.78.4
db.us.big.clamav.net has address 200.236.31.1
db.us.big.clamav.net has address 204.130.133.50
Checked each one to see what actually worked..voila..
The big problem right now is the problems clam is having with the database.clamav.net url it is supposed to be the last resort fallback, its borked..
If I have to reboot a server I will manually edit the freshclam.conf as above
Added: This definitively told me it was working :-) # wget http://198.148.78.4/bytecode.cvd
most of the IPs didn't
-
Seems to be failing intermittently in the UK as well (again!).
-
Please see the latest from the Clam AV list
Mirror issues and what we are doing to fix it
http://lists.clamav.net/pipermail/clamav-users/2017-August/005038.html
-
Please see the latest from the Clam AV list
Mirror issues and what we are doing to fix it
http://lists.clamav.net/pipermail/clamav-users/2017-August/005038.html
Sounds promising..... 8)
-
Sounds promising..... 8)
Never know your luck :-)
-
Never know your luck :-)
All bad unfortunately, actually it never got to good :-)
Since the dirty temp fix above, last 24hrs updates are working and no freshclam error emails.
database.clamav.net is still borked... :-(
-
Some more knowledge from the Clam ML: http://lists.clamav.net/pipermail/clamav-users/2017-August/005046.html
-
TerryF
Just to get things working again using good hosts, pending a resolve from Clamav, I did:
edited the DatabaseMirror custom template referred to earlier to read
{
# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# Default: There is no default, which results in an error when running freshclam
$OUT = "DatabaseMirror db.us.clamav.net\n";
# database.clamav.net is a round-robin record which points to our most
# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
# not working. DO NOT TOUCH the following line unless you know what you
# are doing.
$OUT .= "DatabaseMirror db.jp.clamav.net";
}
Save
Ctrl + o
signal-event email-update
refreshclam
Seems to be OK again
-
Seems to be OK again
That'll do it mate...its looking like it will be some days until they sort out host and mirror issues etc..
Unfortunately as we know small number of routes in and out of OZ, doesn't take much to make connectivity problamatic :-)
-
Clam looks to have resolved their mirror and domain issues, have now returned all my config and db properties back to defaults, working OK.
Of note for us in the land of oz and long white clouds :-), db.local.clamav.net is now aliased via .au to the us mirrors..
[root@fagehome ~]# host db.local.clamav.net
db.local.clamav.net is an alias for db.au.clamav.net.
db.au.clamav.net is an alias for db.us.rr.clamav.net.
db.us.rr.clamav.net has address 204.130.133.50
db.us.rr.clamav.net has address 194.8.197.22
db.us.rr.clamav.net has address 128.199.133.36
-
Still failing in the UK:
2017-09-01 13:54:21.406842500 ClamAV update process started at Fri Sep 1 13:54:21 2017
2017-09-01 13:54:21.407112500 main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
2017-09-01 13:54:21.710865500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.711281500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.711595500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.711915500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.712240500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.712587500 ERROR: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.740925500 WARNING: Incremental update failed, trying to download daily.cvd
2017-09-01 13:54:21.741263500 Trying host database.clamav.net (193.1.193.64)...
2017-09-01 13:54:21.904787500 WARNING: getfile: daily.cvd not found on database.clamav.net (IP: 193.1.193.64)
2017-09-01 13:54:21.904942500 ERROR: Can't download daily.cvd from database.clamav.net
2017-09-01 13:54:21.905329500 Giving up on database.clamav.net...
2017-09-01 13:54:21.905330500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
-
Still failing in the UK:
2017-09-01 13:54:21.406842500 ClamAV update process started at Fri Sep 1 13:54:21 2017
2017-09-01 13:54:21.407112500 main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
2017-09-01 13:54:21.710865500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.711281500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.711595500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.711915500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.712240500 WARNING: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.712587500 ERROR: getpatch: Can't download daily-23736.cdiff from database.clamav.net
2017-09-01 13:54:21.740925500 WARNING: Incremental update failed, trying to download daily.cvd
2017-09-01 13:54:21.741263500 Trying host database.clamav.net (193.1.193.64)...
2017-09-01 13:54:21.904787500 WARNING: getfile: daily.cvd not found on database.clamav.net (IP: 193.1.193.64)
2017-09-01 13:54:21.904942500 ERROR: Can't download daily.cvd from database.clamav.net
2017-09-01 13:54:21.905329500 Giving up on database.clamav.net...
2017-09-01 13:54:21.905330500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
Working here (in the UK).