A few years ago, when I was attempting local mirroring, I was having a
recurring problem with my local Cloudflare "anycast" server ("BOS"). I wonder
if you might be having a similar problem.
I was running a crontab triggered procedure a few times an hour which would do
a DNS TXT query to see what the latest versions of everything were, and then
download the CVDs if necessary. These new versions were then put in the local
mirror. I did this frequent querying -- perhaps followed by downloading --
because AV providers occasionally issue "emergency" releases of new signatures.
I found that very frequently the BOS Cloudflare server was many hours behind
the other Cloudflare servers, and didn't have the latest signature CVD. This
made the attempted download futile. (Actually, I would download the first N
bytes of the CVD file to see if it was indeed the version the DNS TXT query
reported -- before downloading the whole file. This is how I discovered the
Cloudflare's BOS server was often not up to date.)
I gave up on the local mirror approach when somebody pointed out that I didn't
have enough local ClamAV instances to actually save bandwidth compared to
having each instance just use the normal direct approach separately. (I don't
think that local mirroring supported CDIFFs at the time.)
Now, of course, the CVDs are much bigger, and, unlike then, one has to be very
careful not to download too much too often, lest one get blocked. (I was
careful even back then, and never did silly things like downloading identical
copies of an unchanged CVD 10^N times per day.)
On Wed, 15 Mar 2023 19:22:09 +0000
newcomer01 via clamav-users <clamav-users@lists.clamav.net> wrote:
> Hi,
>
> I have a similar problem, i found out, that it might be problems with the ip,
> but i have no further details.
> I got the same error if i set "--local-address=" for freshclam, as result of
> this, i have removed this option from my freshclam call again and let clamav
> do what he want to do.
>
>
> kind greetings
> Marc
>
> Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net>
> An / To: Newcomer01 <mailto:newcome...@posteo.de>
> CC / CC: Jorge Elissalde <mailto:elissalde....@gmail.com>
> Gesendet / Sent: Mittwoch, März 15, 2023 um 19:29 (at 07:29 PM) +0100
> Betreff / Subject: [clamav-users] The database server doesn't have the latest
> patch
> > Hi,
> >
> > I'm using my own mirror for Database update.
> > Configuration in Freshclam correctly points to my server:
> >
> > DatabaseMirror http://myserver.info/clamav
> >
> > The Database Server is a Linux, running cvd command from a crontab:
> >
> > cvd update
> > 2023-03-15 18:20:10 cvdupdate-1.1.1 INFO Using system configured nameservers
> > 2023-03-15 18:20:10 cvdupdate-1.1.1 INFO main.cvd is up-to-date. Version: 62
> > 2023-03-15 18:20:10 cvdupdate-1.1.1 INFO daily.cvd is up-to-date. Version:
> > 26842
> > 2023-03-15 18:20:10 cvdupdate-1.1.1 INFO bytecode.cvd is up-to-date.
> > Version: 334
> >
> > But for some reason, Freshclam gives an error today:
> >
> > ClamAV update process started at Wed Mar 15 15:21:07 2023
> > daily.cld database is up-to-date (version: 26842, sigs: 2025908, f-level:
> > 90, builder: raynman)
> > main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90,
> > builder: sigmgr)
> > bytecode database available for update (local version: 333, remote version:
> > 334)
> > Current database is 1 version behind.
> > Downloading database patch # 334...
> > Time: 1.3s, ETA: 0.0s [========================>] 801B/801B
> > ERROR: downloadPatch: Can't apply patch
> > The database server doesn't have the latest patch for the bytecode database
> > (version 334). The server will likely have updated if you check again in a
> > few hours.
> >
> >
> >
> > I have updated Linux server with cvd update several times, but nothing
> > happens.
> > If I change the mirror directive to get files from database.clamav.net
> > <http://database.clamav.net> everything works fine.
> >
> > I'm using Clamav 1.0.1:
> >
> > freshclam --version
> > ClamAV 1.0.1/26842/Wed Mar 15 04:22:42 2023
> >
> >
> > What could be happening to my own mirror?
> > Thank you in advance,
> >
> > Jorge
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
