Re: [clamav-users] Can clamd only reload changed databases?

2019-04-30 Thread Tobi 
That sounds do-able, thanks for the hint

> The only thing I can't remember is how to tell each clamdscan which
> clamd to use, but I'm pretty sure it's possible.

as our application directly talks to clamd that will be easy to solve.

Think the overhead can be more reduced as the 2nd clamd instance will
only run our sigs, so we can turn off a lot of clamd option which are
already performed in the 1st instance.


Am 30.04.19 um 16:03 schrieb Michael M. Minor:
> Could you run two copies of clamd, one using stock db and the other
> using your custom sigs? Then you would only need to signal the one
> running the custom sigs when they change. Yes you would need to trigger
> two scans of the target data, but the overhead shouldn't be too bad. The
> only thing I can't remember is how to tell each clamdscan which clamd to
> use, but I'm pretty sure it's possible.
>
> On Tue, Apr 30, 2019, 9:08 AM Tobi  <mailto:jahli...@gmx.ch>> mailto:jahli...@gmx.ch>> wrote:
>
> We have the problem that we change our custom clamav rules quite often.
> A job syncs changed rules files to clamav server and then sends a
> SIGUSR2 signal to reload the signatures. In that time of reloading
> clamav does not really work and the application using clamd has to wait
> for up to 30s.
> So we wonder if it's somehow possible to "tell" the clamd that only
> changed databases have to be re-read. As our own sigs are very small
> compared to the stock sigs, the reload for our sigs is quite fast. What
> takes long is the reload of stock sigs.
> Basically we're looking for a way to tell clamd to only reload defined
> databases or changed databases.
>
> If that is not possible in current clamav, would it be worth considered
> a feature request for future releases?
>
> Thanks for any idea
>
>
>
> ___
>
> clamav-users mailing list
> clamav-users@lists.clamav.net <mailto:clamav-users@lists.clamav.net>
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Can clamd only reload changed databases?

2019-04-30 Thread Tobi 
We have the problem that we change our custom clamav rules quite often.
A job syncs changed rules files to clamav server and then sends a
SIGUSR2 signal to reload the signatures. In that time of reloading
clamav does not really work and the application using clamd has to wait
for up to 30s.
So we wonder if it's somehow possible to "tell" the clamd that only
changed databases have to be re-read. As our own sigs are very small
compared to the stock sigs, the reload for our sigs is quite fast. What
takes long is the reload of stock sigs.
Basically we're looking for a way to tell clamd to only reload defined
databases or changed databases.

If that is not possible in current clamav, would it be worth considered
a feature request for future releases?

Thanks for any idea



___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 has been released!

2018-01-26 Thread Tobi 
As far as I understand the release notes of 99.3 its a security fix which has 
nothing to do with former 99.3 beta. 
The former beta now is 0.100 
(http://blog.clamav.net/2018/01/clamav-version-number-adjustment.html).
So at least for me it makes sense that you have to remove the beta first to 
apply fixed 99.3 version

Am 26. Januar 2018 15:49:14 MEZ schrieb Reindl Harald :
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] URGENT: Clamd is wedged on multiple installations

2018-01-26 Thread Tobi 
Do you mean this one ? 
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html

Am 26. Januar 2018 14:03:14 MEZ schrieb Andreas Schulze 
:
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Unable to download database

2017-08-23 Thread Tobi 
My boxes in NL can still download

wget http://database.clamav.net/daily-23697.cdiff
HTTP request sent, awaiting response... 200 OK

dig database.clamav.net
database.clamav.net.43  IN  CNAME   db.local.clamav.net.
db.local.clamav.net.582 IN  CNAME   db.nl.clamav.net.
db.nl.clamav.net.   43  IN  A   145.58.29.83
db.nl.clamav.net.   43  IN  A   194.109.6.97

But boxes in CH have troubles too. Some files can be loaded and then it fails 
again


Am 23.08.2017 um 10:13 schrieb Steve Basford:
> On Wed, August 23, 2017 8:26 am, lukn555 wrote:
>> Good Day ClamAV List
>>
>>
>> Since yesterday at around noon CET I've been having issues downloading
>> the ClamAV database:
>
> Same here in the UK...
>
> Can't query daily.0.82.0.1.814301DA.ping.clamav.net
> Wed Aug 23 08:14:39 2017 -> Giving up on db.gb.clamav.net...
> Wed Aug 23 08:14:39 2017 -> ClamAV update process started at Wed Aug 23
> 08:14:39
> Wed Aug 23 08:14:39 2017 -> main.cld is up to date (version: 58, sigs:
> 4566249,
> Wed Aug 23 08:14:41 2017 -> WARNING: getpatch: Can't download
> daily-23699.cdiff
> Wed Aug 23 08:14:41 2017 -> WARNING: getpatch: Can't download
> daily-23699.cdiff
> Wed Aug 23 08:14:41 2017 -> WARNING: getpatch: Can't download
> daily-23699.cdiff
> Wed Aug 23 08:14:41 2017 -> WARNING: getpatch: Can't download
> daily-23699.cdiff
> Wed Aug 23 08:14:41 2017 -> ERROR: getpatch: Can't download
> daily-23699.cdiff fr
> Wed Aug 23 08:14:41 2017 -> WARNING: Incremental update failed, trying to
> downlo
> Wed Aug 23 08:14:41 2017 -> Trying host database.clamav.net (129.67.1.218)...
> Wed Aug 23 08:15:14 2017 -> Downloading daily.cvd [100%]
> Wed Aug 23 08:15:15 2017 -> WARNING: Mirror 129.67.1.218 is not synchronized.
> Can't query daily.0.82.0.1.814301DA.ping.clamav.net
> Wed Aug 23 08:15:15 2017 -> Giving up on database.clamav.net...
> Wed Aug 23 08:15:15 2017 -> Update failed. Your network may be down or
> none of t
> Wed Aug 23 08:15:15 2017 -> --
>
> and
>
> Can't connect to port 80 of host db.gb.clamav.net (IP: 81.91.100.173)
> Trying host db.gb.clamav.net (129.67.1.218)...
> nonblock_recv: giving up due to excessive bogus loops
> WARNING: getfile: Error while reading database from db.gb.clamav.net (IP:
> 129.67
> .1.218): Unknown error
> WARNING: getpatch: Can't download daily-23697.cdiff from db.gb.clamav.net
> WARNING: getpatch: Can't download daily-23697.cdiff from db.gb.clamav.net
> WARNING: getpatch: Can't download daily-23697.cdiff from db.gb.clamav.net
> WARNING: Incremental update failed, trying to download daily.cvd
> Downloading daily.cvd [100%]
> LibClamAV debug: Initialized 0.99.2 engine
> LibClamAV debug: in cli_cvdload()
> LibClamAV debug: MD5(.tar.gz) = f01678b14488419c5e8f5206c7bb4786
> LibClamAV debug: cli_cvdverify: MD5 verification error
> LibClamAV debug: Cleaning up phishcheck
> LibClamAV debug: Phishcheck cleaned up
> ERROR: Verification: Can't verify database integrity
> Trying again in 5 secs...
> ClamAV update process started at Wed Aug 23 09:12:31 2017
> main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
> sigmgr
> )
> LibClamAV debug: in cli_untgz()
>
>
>

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Error (Cannot connect to unix socket '/var/lib/clamav/clamd.socket': connect: No such file or directory)

2016-08-07 Thread Tobi 
Hi Chris

sorry I was not clear enough. I did not mean to start the service via systemd 
but to call like

sudo /usr/sbin/clamd -c /path/to/config

and see then if the socket has been created in expected location.

Cheers

tobi

- Originale Nachricht -
Von: Chris <cpoll...@embarqmail.com>
Gesendet: 07.08.16 - 15:51
An: clamav-users@lists.clamav.net
Betreff: Re: [clamav-users] Error (Cannot connect to unix socket 
'/var/lib/clamav/clamd.socket': connect: No such file or directory)

> On Sun, 2016-08-07 at 10:49 +0200, Tobi wrote:
>> It might a systemd issue. Have you tried to start clamd by calling it
>> directly on cli? Does it create the socket then?
>> 
>> Cheers
>> 
>> tobi
> 
> I've tried that lots of times Tobi, however, it still doesn't create
> it:
> 
> chris@localhost:~$ sudo service clamav-daemon stop  [ - ]  clamav-
> daemon
> 
> chris@localhost:~$ sudo service clamav-daemon start [ + ]  clamav-
> daemon
> 
> The 'clamd.socket' file should be between these two but it's not:
> 
> -rw-r--r--  1 clamav clamav446464 Jun 23 11:40 bytecode.cld
> -rw-r--r--  1 clamav clamav82 Jul 13 14:44 crdfam.clamav.hdb
> 
> 
> 
>> - Originale Nachricht -
>> Von: Chris <cpoll...@embarqmail.com>
>> Gesendet: 07.08.16 - 04:49
>> An: clamav-users@lists.clamav.net
>> Betreff: [clamav-users] Error (Cannot connect to unix socket
>> '/var/lib/clamav/clamd.socket': connect: No such file or directory)
>> 
>> > 
>> > I upgraded to Ubuntu 16.04LTS earlier this week and it installed
>> > ClamAV
>> > 0.99. I previously had 98.7 installed and running perfectly. I have
>> > it
>> > being called by Spamassassin. When an incoming message is checked
>> > the
>> > line in the subject appears. Permissions for the directory
>> > /var/lib/clamav:
>> > 
>> > drwxr-xr-x 3 clamavclamav4096 Aug  6 20:36 clamav
>> > 
>> > Owner and group of each file in /var/lib/clamav is clamav  clamav.
>> > 
>> > The clamd.ctl file exist as shown in my /etc/clamav/clamd.conf:
>> > 
>> > # This option allows you to save a process identifier of the
>> > listening
>> > # daemon (main thread).
>> > # Default: disabled
>> > PidFile /var/run/clamav/clamd.pid
>> > 
>> > I have the /tmp location set:
>> > 
>> > # Optional path to the global temporary directory.
>> > # Default: system specific (usually /tmp or /var/tmp).
>> > TemporaryDirectory /var/tmp
>> > 
>> > I have this set for the socket file:
>> > 
>> > # Path to a local socket file the daemon will listen on.
>> > # Default: disabled (must be specified by a user)
>> > LocalSocket /var/lib/clamav/clamd.socket
>> > 
>> > It's not getting created no matter what I do. It used to be created
>> > in
>> > fact it was there before I did the system upgrade.
>> > 
>> > Any assistance would be appreciated.
>> > 
>> > Chris
>> > 
> -- 
> Chris
> KeyID 0xE372A7DA98E6705C
> 31.11972; -97.90167 (Elev. 1092 ft)
> 08:43:05 up 12:07, 1 user, load average: 0.77, 0.83, 0.74
> Ubuntu 16.04.1 LTS, kernel 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 
> 00:07:12 UTC 2016
> 
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Error (Cannot connect to unix socket '/var/lib/clamav/clamd.socket': connect: No such file or directory)

2016-08-07 Thread Tobi 
It might a systemd issue. Have you tried to start clamd by calling it directly 
on cli? Does it create the socket then?

Cheers

tobi

- Originale Nachricht -
Von: Chris <cpoll...@embarqmail.com>
Gesendet: 07.08.16 - 04:49
An: clamav-users@lists.clamav.net
Betreff: [clamav-users] Error (Cannot connect to unix socket 
'/var/lib/clamav/clamd.socket': connect: No such file or directory)

> I upgraded to Ubuntu 16.04LTS earlier this week and it installed ClamAV
> 0.99. I previously had 98.7 installed and running perfectly. I have it
> being called by Spamassassin. When an incoming message is checked the
> line in the subject appears. Permissions for the directory
> /var/lib/clamav:
> 
> drwxr-xr-x 3 clamavclamav4096 Aug  6 20:36 clamav
> 
> Owner and group of each file in /var/lib/clamav is clamav  clamav.
> 
> The clamd.ctl file exist as shown in my /etc/clamav/clamd.conf:
> 
> # This option allows you to save a process identifier of the listening
> # daemon (main thread).
> # Default: disabled
> PidFile /var/run/clamav/clamd.pid
> 
> I have the /tmp location set:
> 
> # Optional path to the global temporary directory.
> # Default: system specific (usually /tmp or /var/tmp).
> TemporaryDirectory /var/tmp
> 
> I have this set for the socket file:
> 
> # Path to a local socket file the daemon will listen on.
> # Default: disabled (must be specified by a user)
> LocalSocket /var/lib/clamav/clamd.socket
> 
> It's not getting created no matter what I do. It used to be created in
> fact it was there before I did the system upgrade.
> 
> Any assistance would be appreciated.
> 
> Chris
> 
> -- 
> Chris
> KeyID 0xE372A7DA98E6705C
> 31.11972; -97.90167 (Elev. 1092 ft)
> 20:49:27 up 14 min, 1 user, load average: 0.34, 1.74, 1.93
> Ubuntu 16.04.1 LTS, kernel 4.4.0-31-generic #50-Ubuntu SMP Wed Jul 13 
> 00:07:12 UTC 2016
> 
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml