[clamav-users] A workaround for the major ClamAV DB update delays we have been experiencing

Eric Tykwinski eric-list at truenet.com
Mon Dec 10 21:25:01 EST 2018


Dennis,

> On Dec 10, 2018, at 8:26 PM, Dennis Peterson <dennispe at inetnw.com> wrote:
> 
> Helps too to read the entire thread and the thread that preceded this one. The OP has used combinations of dig and wget in diagnosing his problems.
> 
> dp

Seriously, then he should be just trying to pull the new cdiffs to see if they are propagated to the various Cloudflare hosts.

>> 
>> Sigh.
>> 
>> Does no one actually READ THE MESSAGES???
>> 
>> The OP's problem is:
>> 
>>     FRESHCLAM FAILS, REPEATEDLY, UNTIL ALL MIRRORS ARE MARKED AS BAD
>>     AND NO UPDATES CAN OCCUR.
>> 
>> Pissing up a rope about "you shouldn't do various work-arounds" is a waste of time and bandwidth.
>> 
>> The OP has shown that different Cloudflare nodes give (him) different results, someone should be asking CLoudflare about how this can be addressed, not dismissing the very valid and basic problem.
>> 
>> This sort of behaviour just proves that Dunning-Kruger is alive and involved in far too many OSS projects.
>> 
>>     Cheers,
>>         Gary    B-)

Gary,

I haven’t really followed the whole thread, but I’ve been seeing it for months that I recall, definitely a waste of bandwidth, and probably should be solved to some extent.

Looking at his logs, the headers are only for a CVD, so he’s not trying updates.

Example of a cdiff pull from telnet:
telnet database.clamav.net 80
Trying 104.16.186.138...
Connected to database.clamav.net.cdn.cloudflare.net.
Escape character is '^]'.
GET /daily-25195.cdiff HTTP/1.1
host: database.clamav.net

?????o??_}??/~?uЯ?|??~?f?l??Ox????????~??????O6????/??????_?????>??Ϸ_????7?~??̯???ߢ?????ӏ~???B??{}~?[????A???7????ņ?>???


You don’t get those nice header parts to the file, so you wouldn’t know the last update as it’s apart of the file itself.  Looking at manager.c on freshclam, he should have been posting something like: "^getfile: %s not found on %s (IP: %s)\n" which gets posted to the logs when the file doesn’t exist.

I’m not positive on this so Micah can chime in, but I do believe you get the cdiff files from the DNS TXT somehow.

If anything it’s a good lesson on how exactly freshclam works.

Sincerely,

Eric Tykwinski
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20181210/20c54bd0/attachment.html>


More information about the clamav-users mailing list