[clamav-users] A workaround for the major ClamAV DB update delays we have been experiencing

Al Varnell alvarnell at mac.com
Tue Dec 11 22:15:32 EST 2018


I have to support you in that this guidance has been there for many years now, but I've never really understood why that was necessary. Obviously this method is part of the problem that Joel has been describing about the number of users always downloading the .cvd and it also greatly increases local network traffic. 

I'm not in a position to come up with a better solution, but it would seem there should be a more cost-effective solution in cases where a local mirror is required.

-Al-
ClamXAV User

On Tue, Dec 11, 2018 at 11:45 AM, Paul Kosinski wrote:
> Ever since we set up a local mirror on our LAN, we have not been using
> cdiffs. The reason for this is that I followed the procedure outlined
> on the ClamAV website (about 2/3 down the page) at:
> 
>  http://www.clamav.net/documents/clamav-virus-database-faq <http://www.clamav.net/documents/clamav-virus-database-faq>
> 
> where it says:
> 
> [Q] I’m running ClamAV on a lot of clients on my local network.  Can I serve the cvd files from a local server
>    so that each client doesn’t have to download them from your servers?
> 
> [A] Sure, you can find more details on our Mirror page.
> 
>   If you want to take advantage of incremental updates, install a proxy server and then
>    configure your freshclam clients to use it (watch for the HTTPProxyServer parameter in man freshclam.conf).
> 
>   The second possible solution is to:
> 
>      Configure a local webserver on one of your machines (say machine1.mylan)
> 
>      Let freshclam download the *.cvd files from http://database.clamav.net <http://database.clamav.net/> to the webserver’s DocumentRoot.
> 
>      Finally, change freshclam.conf on your clients so that it includes:
> 
>      DatabaseMirror machine1.mylan
> 
>      ScriptedUpdates off
> 
>      First the database will be downloaded to the local webserver and then the other clients
>        on the network will update their copy of the database from it.
> 
>      Important: For this to work, you have to add ScriptedUpdates off on all of your machines!
> 
> Since I didn't want to set up a proxy server for this purpose, I used
> the 2nd solution (and a very trivial web server). Thus, cvd files only.
> 
> P.S. I am now thinking about trying the BOS vs IAD test for cdiff
> files. But, even if cdiff files always work without any delays, doesn't
> "scripted update" on occasion have to back off to downloading full cvds?
> 
> P.P.S. Thanks for the curl help!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20181211/cf82e0d3/attachment.html>


More information about the clamav-users mailing list