Thanks for the prompt reply,
*IP is*: 193.181.246.98 *ClamAV version* is: "*WARNING: Local version: 0.100.2 Recommended version: 0.101.0*" After some reading, this seems to be the latest version in a stable CentOS EPEL stable repo - correct? Regards, *Claudiu ALBU* On Fri, 21 Dec 2018 at 14:37, Joel Esler (jesler) <jes...@cisco.com> wrote: > What IP are you coming from? What version ClamAV are you using? > > Sent from my iPhone > > On Dec 21, 2018, at 06:27, Claudiu Albu <claudiu.alb...@gmail.com> wrote: > > Hello all, > > > > > > Been browsing through similar previous occurrences but found nothing > conclusive to our particular scenario. > > > > We’ve installed ClamAV on a Centos7 server somewhere in our > infrastructure, which was supposed to *get its updates through a Squid > proxy*. > > We’ve set freshclam.conf to *check for updates hourly*. For the first 6 > hours freshclam outputted no error and everything went fine. > > After that, we seemingly *started getting our connection blocked* with: > > Dec 21 11:08:47 dcp2tac freshclam[68187]: getfile: Unknown response from > database.clamav.net: HTTP/1.0 403 > > Dec 21 11:08:47 dcp2tac freshclam[68187]: getpatch: Can't download > daily-25222.cdiff from database.clamav.net > > Dec 21 11:08:47 dcp2tac freshclam[68187]: getfile: Unknown response from > database.clamav.net: HTTP/1.0 403 > > Dec 21 11:08:47 dcp2tac freshclam[68187]: getpatch: Can't download > daily-25222.cdiff from database.clamav.net > > Dec 21 11:08:47 dcp2tac freshclam[68187]: getfile: Unknown response from > database.clamav.net: HTTP/1.0 403 > > Dec 21 11:08:47 dcp2tac freshclam[68187]: getpatch: Can't download > daily-25222.cdiff from database.clamav.net > > Dec 21 11:08:47 dcp2tac freshclam[68187]: Incremental update failed, > trying to download daily.cvd > > Dec 21 11:08:47 dcp2tac freshclam[68187]: getfile: Unknown response from > database.clamav.net: HTTP/1.0 403 > > Dec 21 11:08:47 dcp2tac freshclam[68187]: Can't download daily.cvd from > database.clamav.net > > Dec 21 11:08:47 dcp2tac freshclam[68187]: Giving up on database.clamav.net > ... > > Dec 21 11:08:47 dcp2tac freshclam[68187]: Update failed. Your network may > be down or none of the mirrors listed in /etc/freshclam.conf is working. > Check https://www.clamav.net > > > > Additionally, please see below sendspace link for a curl dump running curl > -x http://10.128.38.250:8080 -L --trace curl-dump > http://database.clamav.net/daily.cvd > > - https://www.sendspace.com/file/j8jqjq > > > > Moreover, what seems to lead to the same conclusion (our connection > getting blocked) is we’ve managed getting freshclam to work through another > Squid proxy going through a completely different external IP address in our > infrastructure – which worked. > > > > Does this happen due to repeated connections to database.clamav.net *after > having set updates hourly*? > > Can this be tackled from your side in any way? Or should we go for a local > web server? > > > > Thanks in advance, > > *Claudiu ALBU* > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml