Hi all, I'm using clamav on 2 systems built the same way: the first one is behind a firewall and freshclam is not working, the other one is using a proxy to connect to the internet and freshclam is working.
For the system not working, I get this in the log: Mon Sep 11 09:09:02 2023 -> ^remote_cvdhead: Download failed (6) Mon Sep 11 09:09:02 2023 -> ^ Message: Couldn't resolve host name Mon Sep 11 09:09:02 2023 -> ^Failed to get daily database version information from server: https://database.clamav.net Mon Sep 11 09:09:02 2023 -> !check_for_new_database_version: Failed to find daily database using server https://database.clamav.net. Mon Sep 11 09:09:02 2023 -> *updatedb: daily database update failed. Mon Sep 11 09:09:02 2023 -> Trying again in 5 secs... Mon Sep 11 09:09:07 2023 -> *check_for_new_database_version: Local copy of daily found: daily.cld. Mon Sep 11 09:09:07 2023 -> Trying to retrieve CVD header from https://database.clamav.net/daily.cvd * Could not resolve host: database.clamav.net * Closing connection 0 Mon Sep 11 09:09:07 2023 -> !remote_cvdhead: Download failed (6) Mon Sep 11 09:09:07 2023 -> ! Message: Couldn't resolve host name Mon Sep 11 09:09:07 2023 -> ^Failed to get daily database version information from server: https://database.clamav.net Mon Sep 11 09:09:07 2023 -> !check_for_new_database_version: Failed to find daily database using server https://database.clamav.net. Mon Sep 11 09:09:07 2023 -> *updatedb: daily database update failed. Mon Sep 11 09:09:07 2023 -> Giving up on https://database.clamav.net... Mon Sep 11 09:09:07 2023 -> !Update failed for database: daily Mon Sep 11 09:09:07 2023 -> !Database update process failed: HTTP GET failed Mon Sep 11 09:09:07 2023 -> !Update failed. I checked with my firewall guy that port 53 was open udp and tcp and he said yes. I checked with the faq and dns resolution is working and also the dig command: /tmp# nslookup database.clamav.net Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: database.clamav.net canonical name = database.clamav.net.cdn.cloudflare.net. Name: database.clamav.net.cdn.cloudflare.net Address: 104.16.219.84 Name: database.clamav.net.cdn.cloudflare.net Address: 104.16.218.84 Name: database.clamav.net.cdn.cloudflare.net Address: 2606:4700::6810:db54 Name: database.clamav.net.cdn.cloudflare.net Address: 2606:4700::6810:da54 /tmp# dig @ns1.clamav.net db.us.big.clamav.net ; <<>> DiG 9.16.1-Ubuntu <<>> @ns1.clamav.net db.us.big.clamav.net ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 63233 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;db.us.big.clamav.net. IN A ;; Query time: 104 msec ;; SERVER: 193.28.86.61#53(193.28.86.61) ;; WHEN: Mon Sep 11 09:19:06 EDT 2023 ;; MSG SIZE rcvd: 49 With curl, the download is partial: /tmp# curl -O http://database.clamav.net/daily.cvd % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 4899 0 4899 0 0 199k 0 --:--:-- --:--:-- --:--:-- 199k Anyone have an idea on what could be my problem? Thanks in advance, Serge
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
