[clamav-users] Trouble getting cvd files from private local mirror

John Kennedy skebi69 at gmail.com
Fri Dec 8 16:23:36 UTC 2017 

I have set up a private local mirror at clamav.trustx.com. Our environment
is AWS based with many VPC's. We have an "admin" VPC that is reachable from
all other VPCs.

I have tried both the second (Serve CVD files from a local web server - my
preferred method) and third (Serve CVD and CDIFF files from a local web
server) options from the Private Mirror FAQ with no luck. I can use both
curl and wget from the client machine to pull down the cvd files but when I
try and run freshclam I get the following error:
-----

# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Fri Dec  8 16:14:06 2017
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 60
Software version from DNS: 0.99.2
main.cvd version from DNS: 58
Retrieving http://clamav.trustx.com/main-58.cdiff
Ignoring mirror 10.10.10.10 (due to previous errors)
Ignoring mirror 10.10.10.10 (due to previous errors)
WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com
Retrieving http://clamav.trustx.com/main-58.cdiff
Ignoring mirror 10.10.10.10 (due to previous errors)
WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com
Retrieving http://clamav.trustx.com/main-58.cdiff
Ignoring mirror 10.10.10.10 (due to previous errors)
WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com
WARNING: Incremental update failed, trying to download main.cvd
Whitelisting short-term blacklisted mirrors
Retrieving http://clamav.trustx.com/main.cvd
connect_error: getsockopt(SO_ERROR): fd=4 error=110: Connection timed out
Can't connect to port 80 of host clamav.trustx.com (IP: 10.10.10.10)
Ignoring mirror 10.10.10.10 (due to previous errors)
WARNING: Can't download main.cvd from clamav.trustx.com
Trying again in 5 secs...
-----

# curl -q http://clamav.trustx.com/main.cvd --output main.cvd
  % Total    % Received % Xferd  Average Speed   Time    Time     Time
Current
                                 Dload  Upload   Total   Spent    Left
Speed
100  112M  100  112M    0     0  8856k      0  0:00:13  0:00:13 --:--:--
11.5M
-----

>From the web server:
-----

# cat 100-clamav.conf
server {
  listen  80;
  server_name  clamav.trustx.com;
  sendfile on;

  add_header Strict-Transport-Security "max-age=31536000;
includeSubDomains";


  root  /var/data/clamav;

  location /simple {
    allow 10.0.0.0/8;
    allow 77.75.100.144/28;
    deny all;
    autoindex on;
  }

  access_log  /var/log/nginx/clamav_access.log;
  error_log   /var/log/nginx/clamav_error.log;
} # End server clamav.trustx.com
-----

Both clamav_access.log and clamav_error.log are empty
-----

# pwd
/var/data/clamav
[root at DevOps clamav]# ls -l
total 208800
-rw-r--r-- 1 nginx root       770 Dec  7 02:17 bytecode-319.cdiff
-rw-r--r-- 1 nginx root    153228 Dec  7 02:17 bytecode.cvd
-rw-r--r-- 1 nginx root      6437 Nov 28 01:09 daily-24080.cdiff
-rw-r--r-- 1 nginx root      7802 Nov 28 09:07 daily-24081.cdiff
-rw-r--r-- 1 nginx root      9705 Nov 28 17:09 daily-24082.cdiff
-rw-r--r-- 1 nginx root     10406 Nov 29 01:08 daily-24083.cdiff
-rw-r--r-- 1 nginx root      7508 Nov 29 09:03 daily-24084.cdiff
-rw-r--r-- 1 nginx root      6990 Nov 29 17:08 daily-24085.cdiff
-rw-r--r-- 1 nginx root     12340 Nov 30 01:10 daily-24086.cdiff
-rw-r--r-- 1 nginx root      7461 Nov 30 09:09 daily-24087.cdiff
-rw-r--r-- 1 nginx root      6331 Nov 30 17:10 daily-24088.cdiff
-rw-r--r-- 1 nginx root      8811 Dec  1 01:12 daily-24089.cdiff
-rw-r--r-- 1 nginx root      9504 Dec  1 09:11 daily-24090.cdiff
-rw-r--r-- 1 nginx root      6476 Dec  1 17:09 daily-24091.cdiff
-rw-r--r-- 1 nginx root      8647 Dec  2 01:09 daily-24092.cdiff
-rw-r--r-- 1 nginx root      6714 Dec  2 09:12 daily-24093.cdiff
-rw-r--r-- 1 nginx root      4034 Dec  2 17:08 daily-24094.cdiff
-rw-r--r-- 1 nginx root      3766 Dec  3 01:11 daily-24095.cdiff
-rw-r--r-- 1 nginx root      3609 Dec  3 09:10 daily-24096.cdiff
-rw-r--r-- 1 nginx root      5718 Dec  3 17:09 daily-24097.cdiff
-rw-r--r-- 1 nginx root      4577 Dec  4 01:10 daily-24098.cdiff
-rw-r--r-- 1 nginx root      3616 Dec  4 09:09 daily-24099.cdiff
-rw-r--r-- 1 nginx root      6595 Dec  4 17:12 daily-24100.cdiff
-rw-r--r-- 1 nginx root     10800 Dec  5 01:12 daily-24101.cdiff
-rw-r--r-- 1 nginx root      9302 Dec  5 09:11 daily-24102.cdiff
-rw-r--r-- 1 nginx root     11367 Dec  5 17:12 daily-24103.cdiff
-rw-r--r-- 1 nginx root     40675 Dec  6 01:15 daily-24104.cdiff
-rw-r--r-- 1 nginx root     30876 Dec  6 09:10 daily-24105.cdiff
-rw-r--r-- 1 nginx root      9570 Dec  6 17:13 daily-24106.cdiff
-rw-r--r-- 1 nginx root     16062 Dec  7 02:17 daily-24107.cdiff
-rw-r--r-- 1 nginx root     19871 Dec  7 21:14 daily-24108.cdiff
-rw-r--r-- 1 nginx root     12366 Dec  8 05:11 daily-24109.cdiff
-rw-r--r-- 1 nginx root      9439 Dec  8 13:12 daily-24110.cdiff
-rw-r--r-- 1 nginx root  43280869 Dec  8 13:12 daily.cvd
-rw-r--r-- 1 nginx root  43280869 Dec  8 13:12 daily.cvd.1
-rw-r--r-- 1 nginx root        41 Dec  8 15:41 dns.txt
-rw-r--r-- 1 nginx root       138 Nov 27 21:03 index.html
-rw-r--r-- 1 nginx root   8808462 Nov 27 21:30 main-58.cdiff
-rw-r--r-- 1 nginx root 117892267 Nov 27 21:29 main.cvd
drwxr-xr-x 2 nginx root         6 Dec  8 16:05 temp
-----

John Kennedy  (_8(|)

If I'm a sarcastic asshole when I talk to you it's either because I really
like you and feel comfortable teasing you or I really hate you and don't
care if you know it. Good luck figuring out which one...

Sometimes it happens, sometimes it doesn't - Pedro Catacora

The Dunning-Kruger effect occurs when incompetent people not only fail to
realize their incompetence, but consider themselves much more competent
than everyone else. Basically - they're too stupid to know that they're
stupid.

More information about the clamav-users mailing list