Re: [clamav-users] Fwd: Fwd: Fwd: Fwd: freshclam incremental update
I think I will let the support technicians help me with this. Can't make it work with the GUI. Den ons 11 sep. 2019 19:15Paul Kosinski via clamav-users < clamav-users@lists.clamav.net> skrev: > Perhaps looking at your firewall's log file would show exactly what's > going on. Ours is in "/var/log/firewall", but your system might keep it > in a different place. I think the (Cloudflare) IP addresses used for > download are "104.16.218.84" and "104.16.219.84" (and maybe others?). > > > On Wed, 11 Sep 2019 16:31:31 +0200 > Birger Birger via clamav-users wrote: > > > Turned firewall off with "sudo zs firewall stop" and run the command > > "freshclam". > > > > Now all the files "main.cvd", "daily.cvd", "bytecode.cvd" and > > "mirrors" was rapidly and successfully updated. > > > > After I turned the firewall on again. > > > > Changes are obviously needed in iptables and/or firewall but don't > > know what. > > > > Den ons 11 sep. 2019 11:35G.W. Haywood via clamav-users < > > clamav-users@lists.clamav.net> skrev: > > > > > Hi there, > > > > > > On Wed, 11 Sep 2019, Birger Birger via clamav-users wrote: > > > > > > > Now it seems the firewall is stopping freshclam to download > > > > updates. > > > > > > That's what I told you in my Sept 3rd reply to you. > > > > > > > Any ideas? > > > > > > Stop the firewall from dropping the packets? > > > > > > -- > > > > > > 73, > > > Ged. > > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Fwd: Fwd: Fwd: Fwd: freshclam incremental update
Perhaps looking at your firewall's log file would show exactly what's going on. Ours is in "/var/log/firewall", but your system might keep it in a different place. I think the (Cloudflare) IP addresses used for download are "104.16.218.84" and "104.16.219.84" (and maybe others?). On Wed, 11 Sep 2019 16:31:31 +0200 Birger Birger via clamav-users wrote: > Turned firewall off with "sudo zs firewall stop" and run the command > "freshclam". > > Now all the files "main.cvd", "daily.cvd", "bytecode.cvd" and > "mirrors" was rapidly and successfully updated. > > After I turned the firewall on again. > > Changes are obviously needed in iptables and/or firewall but don't > know what. > > Den ons 11 sep. 2019 11:35G.W. Haywood via clamav-users < > clamav-users@lists.clamav.net> skrev: > > > Hi there, > > > > On Wed, 11 Sep 2019, Birger Birger via clamav-users wrote: > > > > > Now it seems the firewall is stopping freshclam to download > > > updates. > > > > That's what I told you in my Sept 3rd reply to you. > > > > > Any ideas? > > > > Stop the firewall from dropping the packets? > > > > -- > > > > 73, > > Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Fwd: Fwd: Fwd: Fwd: freshclam incremental update
Hi there, On Wed, 11 Sep 2019, Birger Birger via clamav-users wrote: Den ons 11 sep. 2019 11:35G.W. Haywood via clamav-users skrev: On Wed, 11 Sep 2019, Birger Birger via clamav-users wrote: Now it seems the firewall is stopping freshclam to download updates. Stop the firewall from dropping the packets? Turned firewall off with "sudo zs firewall stop" and run the command "freshclam". Now all the files "main.cvd", "daily.cvd", "bytecode.cvd" and "mirrors" was rapidly and successfully updated. After I turned the firewall on again. Changes are obviously needed in iptables and/or firewall but don't know what. First you need to learn about TCP/IP. This list is not the right place. I suggest you start with something like the 'Networking concepts HOWTO' and the 'Packet Filtering HOWTO', which are very old but which contain much which is still relevant. You can find them, and some other useful documents about networking, in several languages, here: https://www.netfilter.org/documentation/ There are many other sources of useful information about networking, but please try to stay away from 'quick fixes'. You need to build your understanding of what you are doing; if you simply follow a few instructions you will not learn very much, and you risk both leaving your systems vulnerable to attack and giving the gift of a free tool to criminals who will abuse your systems. In other words you will become part of the problem. Please do not underestimate the task ahead of you. You will need to do at least many weeks of study before you can attain any proficiency in firewall management. -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Fwd: Fwd: Fwd: Fwd: freshclam incremental update
Turned firewall off with "sudo zs firewall stop" and run the command "freshclam". Now all the files "main.cvd", "daily.cvd", "bytecode.cvd" and "mirrors" was rapidly and successfully updated. After I turned the firewall on again. Changes are obviously needed in iptables and/or firewall but don't know what. Den ons 11 sep. 2019 11:35G.W. Haywood via clamav-users < clamav-users@lists.clamav.net> skrev: > Hi there, > > On Wed, 11 Sep 2019, Birger Birger via clamav-users wrote: > > > Now it seems the firewall is stopping freshclam to download updates. > > That's what I told you in my Sept 3rd reply to you. > > > Any ideas? > > Stop the firewall from dropping the packets? > > -- > > 73, > Ged. > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Fwd: Fwd: Fwd: Fwd: freshclam incremental update
Hi there, On Wed, 11 Sep 2019, Birger Birger via clamav-users wrote: Now it seems the firewall is stopping freshclam to download updates. That's what I told you in my Sept 3rd reply to you. Any ideas? Stop the firewall from dropping the packets? -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Fwd: Fwd: Fwd: Fwd: freshclam incremental update
Now it seems the firewall is stopping freshclam to download updates. Any ideas? freshclam-log Wed Sep 11 11:04:53 2019 -> -- Wed Sep 11 11:04:53 2019 -> ClamAV update process started at Wed Sep 11 11:04:53 2019 Wed Sep 11 11:04:53 2019 -> WARNING: Your ClamAV installation is OUTDATED! Wed Sep 11 11:04:53 2019 -> WARNING: Local version: 0.100.3 Recommended version: 0.101.4 Wed Sep 11 11:04:53 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav Wed Sep 11 11:04:53 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) Wed Sep 11 11:05:24 2019 -> nonblock_recv: recv timing out (30 secs) Wed Sep 11 11:05:24 2019 -> WARNING: getfile: Download interrupted: Operation now in progress (IP: 104.16.219.84) Wed Sep 11 11:05:24 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Can't query daily.25569.93.0.0.6810DB54.ping.clamav.net Wed Sep 11 11:05:24 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:05:24 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:05:24 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:05:24 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:05:24 2019 -> WARNING: Incremental update failed, trying to download daily.cvd Wed Sep 11 11:06:09 2019 -> nonblock_recv: recv timing out (30 secs) Wed Sep 11 11:06:09 2019 -> WARNING: getfile: Download interrupted: Operation now in progress (IP: 104.16.218.84) Wed Sep 11 11:06:09 2019 -> WARNING: Can't download daily.cvd from db.se.clamav.net Can't query daily.0.93.0.0.6810DA54.ping.clamav.net Wed Sep 11 11:06:09 2019 -> Trying again in 5 secs... Wed Sep 11 11:06:14 2019 -> ClamAV update process started at Wed Sep 11 11:06:14 2019 Wed Sep 11 11:06:14 2019 -> WARNING: Your ClamAV installation is OUTDATED! Wed Sep 11 11:06:14 2019 -> WARNING: Local version: 0.100.3 Recommended version: 0.101.4 Wed Sep 11 11:06:14 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav Wed Sep 11 11:06:14 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) Wed Sep 11 11:06:15 2019 -> Trying host db.se.clamav.net (104.16.219.84)... Wed Sep 11 11:06:45 2019 -> nonblock_recv: recv timing out (30 secs) Wed Sep 11 11:06:45 2019 -> WARNING: getfile: Download interrupted: Operation now in progress (IP: 104.16.219.84) Wed Sep 11 11:06:45 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Can't query daily.25569.93.0.0.6810DB54.ping.clamav.net Wed Sep 11 11:06:46 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:06:46 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:06:46 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:06:46 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:06:46 2019 -> WARNING: Incremental update failed, trying to download daily.cvd Wed Sep 11 11:07:30 2019 -> nonblock_recv: recv timing out (30 secs) Wed Sep 11 11:07:30 2019 -> WARNING: getfile: Download interrupted: Operation now in progress (IP: 104.16.218.84) Wed Sep 11 11:07:30 2019 -> WARNING: Can't download daily.cvd from db.se.clamav.net Can't query daily.0.93.0.0.6810DA54.ping.clamav.net Wed Sep 11 11:07:30 2019 -> Trying again in 5 secs... Wed Sep 11 11:07:35 2019 -> ClamAV update process started at Wed Sep 11 11:07:35 2019 Wed Sep 11 11:07:35 2019 -> WARNING: Your ClamAV installation is OUTDATED! Wed Sep 11 11:07:35 2019 -> WARNING: Local version: 0.100.3 Recommended version: 0.101.4 Wed Sep 11 11:07:35 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav Wed Sep 11 11:07:35 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) Wed Sep 11 11:08:07 2019 -> nonblock_recv: recv timing out (30 secs) Wed Sep 11 11:08:07 2019 -> WARNING: getfile: Download interrupted: Operation now in progress (IP: 104.16.219.84) Wed Sep 11 11:08:07 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Can't query daily.25569.93.0.0.6810DB54.ping.clamav.net Wed Sep 11 11:08:07 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:08:07 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:08:07 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:08:07 2019 -> WARNING: getpatch: Can't download daily-25569.cdiff from db.se.clamav.net Wed Sep 11 11:08:07 2019 -> WARNING: Incremental update failed, trying to download daily.cvd Wed Sep 11 11:08:51 2019 -> nonblock_recv: recv timing out (30 secs) Wed Sep 11 11:08:51 2019 -> WARNING: getfile:
[clamav-users] Fwd: Fwd: Fwd: Fwd: freshclam incremental update
Have added the following lines to /etc/apparmor.d/ usr.bin.freshclam and
usr.sbin.clamd:
1. /etc/ssl/openssl.cnf r,
2. /{,var/}run/samba/winbindd/pipe rw,
This made the apparmor DENIED lines in syslog and kernel.log disappear.
Still no completed downoads with freshclam of daily and incremental
updates.
-- Forwarded message -
Från: Birger Birger
Date: sön 8 sep. 2019 kl 12:35
Subject: Re: [clamav-users] Fwd: Fwd: Fwd: freshclam incremental update
To: ClamAV users ML
Cc: ClamAV users ML
Tried to delete and install ClamAV again. No difference in behaviour from
what I can see. Downloads with freshclam still halts, appearantly because
of apparmor.
Den tors 5 sep. 2019 21:54Joel Esler (jesler) skrev:
> How did you get this?
>
> Sent from my iPad
>
> On Sep 5, 2019, at 05:06, Birger Birger via clamav-users <
> clamav-users@lists.clamav.net> wrote:
>
>
> This might provide additional information.
>
> /usr/bin/freshclam
> *Trying to retrieve CVD header of http://%s/%s
> %cremote_cvdhead: write failed
> %cremote_cvdhead: Error while reading CVD header from %s
>%c%s not found on remote server
> %cremote_cvdhead: Unknown response from %s (IP: %s): %s
> %cremote_cvdhead: Unknown response from %s (IP: %s)
> %cremote_cvdhead: Malformed CVD header (too short)
> %cremote_cvdhead: Malformed CVD header (bad chars)
> %cremote_cvdhead: Malformed CVD header (can't parse)
>!getfile: Can't allocate memory for 'remotename'
>*Trying to download http://%s/%s
>*Trying to download http://%s/%s (IP: %s)
> %cgetfile: Can't write to socket
>%cgetfile: Error while reading database from %s: %s
> %cgetfile: Error while reading database from %s (IP: %s): %s
>^getfile: %s not found on %s (IP: %s)
> %cgetfile: Unknown response from %s: %s
> %cgetfile: Unknown response from %s (IP: %s): %s
>%cgetfile: Unknown response from %s
> %cgetfile: Unknown response from %s (IP: %s)
>!getfile: Can't create new file %s in %s
>!getfile: Can't create new file %s in the current directory
> Hint: The database directory must be writable for UID %d or GID %d
> getfile: Can't write %d bytes to %s
> %cgetfile: Download interrupted: %s (Host: %s)
> %cgetfile: Download interrupted: %s (IP: %s)
>GET %s/%s HTTP/1.0
> Host: %s
> %sUser-Agent: %s
> Connection: close
> %s%s%s
> !Can't allocate memory for filename!
>!Can't read CVD header of new %s database.
> ^Mirror %s is not synchronized.
> ^Mirror is more than 1 version out of date. Recording mirror
> failure.
> !updatedb: Unknown database name (%s) passed.
> ^Broken database version in TXT record.
> ^Invalid DNS reply. Falling back to HTTP mode.
> ^DNS record is older than 3 hours.
> ^No timestamp in TXT record for %s
> ^Broken database version in TXT record for %s
> HTTPProxyUsername requires HTTPProxyPassword
>%s is up to date (version: %d, sigs: %d, f-level: %d, builder: %s)
> %s.%u.%u.%u.%u.%s.ping.clamav.net ^Can't read %s header from %s
> ^Can't read %s header from %s (IP: %s)
> ^Current functionality level = %d, recommended = %d
> Please check if ClamAV tools are linked against the proper version of
> libclamav
> DON'T PANIC! Read
> https://www.clamav.net/documents/installing-clamav
>!getpatch: Can't get path of current working directory
> !chdir_tmp: dbname parameter value too long to create cvd file name: %s
> !chdir_tmp: dbname parameter value too long to create cld file
> name: %s
> !chdir_tmp: Can't access local %s database
> !chdir_tmp: Can't create directory %s
> !chdir_tmp: Can't unpack %s into %s
> !chdir_tmp: Can't change directory to %s
>Empty script %s, need to download entire database
> %cgetpatch: Can't download %s from %s
> !getpatch: Can't open %s for reading
>^Incremental update failed, trying to download %s
> !buildcld: Can't get path of current working directory
> !buildcld: Can't access directory %s
>!buildcld: Can't open %s for writing
>!buildcld: Can't open directory %s
> !buildcld: gzopen() failed for %s
> !buildcld: COPYING file not found
> !buildcld: Can't add COPYING to new %s.cld - please check if there
> is enough disk space available
> Updates to main.cvd or safebrowsing.cvd may require 200MB of disk
> space or more
> !buildcld: Can't add %s to new %s.cld - please check if there is
> enough disk space available
>!buildcld: Can't add daily.cfg to new %s.cld - please check if there is
> enough disk space available
> !buildcld: gzclose() failed for %s
> !buildcld: close() failed for %s
>!buildcld: Can't return to previous directory %s
>^Can't unlink the old database file %s. Please remove it manually.
> %s updated (version: %d, sigs: %d, f-level: %d, builder: %s)
>^Your ClamAV installation is OUTDATED!
>
