[clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused
Chris
cpollock at embarqmail.com
Thu Feb 1 18:49:56 UTC 2018
On Thu, 2018-02-01 at 18:28 +0100, Reindl Harald wrote:
>
> Am 01.02.2018 um 18:23 schrieb Chris:
> >
> > nc -zv 127.0.0.1 3300-3400
> > nc: connect to 127.0.0.1 port 3300 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3301 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3302 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3303 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3304 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3305 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3306 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3307 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3308 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3309 (tcp) failed: Connection refused
> > nc: connect to 127.0.0.1 port 3310 (tcp) failed: Connection refused
> >
> > Odd that in all the years I've run ClamAV with the same settings
> > I've
> > not had this problem.
> >
> > Using nc -l 3310 in one terminal and nc 127.0.0.1 3310 I get:
> >
> > nc -l 3310
> > test
> > this is a test
> smells like SELinux preventing the client to connect to a non-
> default
> port while it still don't explain teh different results of "nc"
I see this in syslog when restarting the daemon with sudo
/etc/init.d/clamav-daemon restart:
TCP: No tcp AF_INET/AF_INET6 SOCK_STREAM socket received from systemd.
LOCAL: Received AF_UNIX SOCK_STREAM socket from systemd.
I'm not sure if that's correct or not since I never had a reason to
monitor the start of the clamav-daemon before. Doing more Googling I
came across https://serverfault.com/questions/798587/debian-8-cant-get-
clamav-to-listen-on-tcp-3310 which is somewhat like my issue. It
mentions "Comment out all ListenStream= in /lib/systemd/system/clamav-
daemon.socket."
[Unit]
Description=Socket for Clam AntiVirus userspace daemon
Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang
/en/doc/
# Check for database existence
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}
[Socket]
#ListenStream=/run/clamav/clamd.ctl
#ListenStream=/var/lib/clamav/clamd.socket
#ListenStream=127.0.0.1:3310
SocketUser=clamav
SocketGroup=clamav
RemoveOnStop=True
[Install]
WantedBy=sockets.target
Then Add your own ListenStream= line(s) in /etc/systemd/system/clamav-
daemon.socket.d/extend.conf
[Socket]
ListenStream=/var/lib/clamav/clamd.socket
ListenStream=127.0.0.1:3310
SocketUser=clamav
SocketGroup=clamav
Not sure if this change will work or not as I'm waiting now for either
an update from freshclam or from the unofficial rules site.
--
Chris
KeyID 0xE372A7DA98E6705C
31.11972; -97.90167 (Elev. 1092 ft)
12:35:34 up 1 day, 19:18, 1 user, load average: 0.89, 0.60, 0.48
Description: Ubuntu 16.04.3 LTS, kernel 4.13.0-32-generic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180201/43f9ef29/attachment.sig>
More information about the clamav-users
mailing list