On 9/13/11 2:28 PM, "Bryan Burke" <[email protected]> wrote:
>> % grep "Can't connect to port 80 of host database.clamav.net (IP: >> 88.198.67.125)" /var/log/freshclam.log | wc -l >> 27 > > Interesting. When I just grep for the IP in my logs: > > ib /var/log # grep 88.198.67.125 maillog* | wc -l > 12 > > ren /var/log # grep 88.198.67.125 maillog* | wc -l > 5 > > ba /var/log # grep 88.198.67.125 maillog* | wc -l > 12 > > That represents 7 days worth of logs, across three servers. That averages to > ~10/day. Note > that my systems are configured for the default, which is 12 DB update checks > per day. > Since freshclam doesn't seem to log the IP (by default, at least) when the > update succeeds > (or there is no update), I have no good way of checking how many times > 88.198.67.125 is queried. > My logs show successful update sources in the last line, but not when there is no update. For instance, here is the one that just occurred: -------------------------------------- ClamAV update process started at Tue Sep 13 15:45:07 2011 main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven) connect_error: getsockopt(SO_ERROR): fd=4 error=61: Connection refused Can't connect to port 80 of host db.US.clamav.net (IP: 88.198.67.125) Downloading daily-13609.cdiff [100%] daily.cld updated (version: 13609, sigs: 192584, f-level: 60, builder: neo) bytecode.cld is up to date (version: 144, sigs: 41, f-level: 60, builder: edwin) Database updated (1038839 signatures) from db.US.clamav.net (IP: 194.8.197.22) -------------------------------------- -Al- -- Al Varnell Mountain View, CA _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
