Re: [clamav-users] Need help on clamav database mirroring.

Kris Deugau via clamav-users Fri, 25 Jul 2025 08:02:21 -0700

Not having needed this tool (yet) I haven't looked closely before this,but that link reports that cvdupdate grabs the *entire* CVD file everytime (or at least daily).

I thought one of the key reasons to introduce this tool was todrastically reduce the number of people downloading the entire signaturedefinition file all the time...


-kgd


Joel Esler via clamav-users wrote:

Atish —

Have you read Brendan’s link?
Hosting a Private Database Mirror - ClamAV Documentation<https://docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting%20DatabaseMirror#use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror>
How to set up a private mirror is all documented there.
On Jul 24, 2025, at 01:45, Khedkar, Atish via clamav-users<[email protected]> wrote:
Thanks@Brendan Bell (brebell) <mailto:[email protected]>for your help.
I have understood the client side freshclam configuration. I hadquestions regarding cvdupdate application.
 1. How to set custom target database URL instead
    ofhttps://database.clamav.net
    
<https://urldefense.com/v3/__https:/database.clamav.net__;!!PEZBYkTc!aCVJ9EUumSmnWXgWa3QcXdEIj__rMfsN7kcesIJJ_gDXRLhFODaxn6-TbaJOSxW8qCUBc4qycw9D_vxB$>?
 2. How to skip dns.txt download? We don’t want to host a DNS database
    info server. It will be private database mirror repo.

Thanks,
Atish Khedkar
*From:*Brendan Bell (brebell) <[email protected]>
*Sent:*Tuesday, July 22, 2025 10:37 PM
*To:*[email protected]
*Cc:*Khedkar, Atish <[email protected]>
*Subject:*[EXTERNAL] Re: Need help on clamav database mirroring.
Hello Atish,
Apologies for the delay.
If I have correctly understood you question I believe you may want tolook into the following solutions.
 1.  Try setting DatabaseMirror in freshclam.conf to point at their
    primary node. A little more detail can be found
    
here:https://docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting%20DatabaseMirror#use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror
    
<https://urldefense.com/v3/__https:/docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting*20DatabaseMirror*use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror__;JSM!!PEZBYkTc!aCVJ9EUumSmnWXgWa3QcXdEIj__rMfsN7kcesIJJ_gDXRLhFODaxn6-TbaJOSxW8qCUBc4qyc6N8Kf_N$>
2. We always recommend updating to the newest available version toget the latest security fixes. Currently 1.0.9 or 1.4.3 are therecommended versions. You can ignore dns.txt unless you are lookingto host a DNS database info server. As long as you keep your privatemirror updating at least every 24 hours you don't need to host a DNSdatabase server. There is nothing specific you need to do to support different clamavclient versions in your deployment. It is best to upgrade olderclients to ones supported versions in order to get the latest securityfixes. Right now these are 1.0.9 or 1.4.3. You can ignore dns.txtunless you wish to host a DNS database info server. You don't need to,so long as you keep your private mirror relatively up to date(updating at least every 24 hours).
------------------------------------------------------------------------
*From:* clamav-users <[email protected]<mailto:[email protected]>> on behalf of Khedkar,Atish via clamav-users <[email protected]<mailto:[email protected]>>
*Sent:* Wednesday, July 16, 2025 11:48 AM
*To:* [email protected]<mailto:[email protected]><[email protected]<mailto:[email protected]>>*Cc:* Khedkar, Atish <[email protected]<mailto:[email protected]>>
*Subject:* [clamav-users] Need help on clamav database mirroring.
Hello Team,
There are multiple clamav (along with freshclam) nodes are deployed inour Cloud Data Center. These clamav nodes are directly connecting topublic clamav database. That causes the connect rate limit on this CDNas expected. The deployed clamav nodes can be on various version(ranging from 0.104 to 1.4.0)As mentioned in clamav FAQ, we are setting up private mirrorrepository as shown below in attached image. Following is our thought:
 1. Set up a*multi-pod ClamAV mirror repository* architecture with
    a*primary/secondary model.*
     1. The primary node which runs cvd update every 6 hours and
        stores .cvd, .cdiff, .cld, dns.txt etc.
     2. The secondary node using cvd update should sync data from
        primary node.
 2. Primary and Secondary nodes should maintain patches cdiff files also.

Based on above requirement, I have following question:

 1. How to set custom target database URL instead
    ofhttps://database.clamav.net
    
<https://urldefense.com/v3/__https:/database.clamav.net__;!!PEZBYkTc!aCVJ9EUumSmnWXgWa3QcXdEIj__rMfsN7kcesIJJ_gDXRLhFODaxn6-TbaJOSxW8qCUBc4qycw9D_vxB$>?
    In my case, how can I pass my primary repo URL?
 2. If my client clamav version is ranging from 0.104 to 1.4.0 then
    what thing I need to take care in mirror repository? Any thing
    related to dns.txt?

Thanks,
Atish Khedkar
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat


_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Re: [clamav-users] Need help on clamav database mirroring.

Reply via email to