Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: erotavlas on September 18, 2019, 06:54:36 pm
-
Hi,
I'm using Zentyal 6.0.1 (Ubuntu 18.04.3) and I installed clamav (0.100.3+dfsg-0ubuntu0.18.04.1) and clamtk (5.25-1), but I'm not able to update the ClamAV signatures with freshclam as usual.
Wed Sep 18 18:46:20 2019 -> ClamAV update process started at Wed Sep 18 18:46:20 2019
Wed Sep 18 18:46:20 2019 -> ^Your ClamAV installation is OUTDATED!
Wed Sep 18 18:46:20 2019 -> ^Local version: 0.100.3 Recommended version: 0.101.4
Wed Sep 18 18:46:20 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Wed Sep 18 18:46:20 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Sep 18 18:46:25 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.219.84)
Wed Sep 18 18:46:25 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:25 2019 -> *Can't query daily.25478.93.0.0.6810DB54.ping.clamav.net
Wed Sep 18 18:46:26 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.218.84)
Wed Sep 18 18:46:26 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:26 2019 -> *Can't query daily.25478.93.0.0.6810DA54.ping.clamav.net
Wed Sep 18 18:46:26 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^Incremental update failed, trying to download daily.cvd
Wed Sep 18 18:47:42 2019 -> nonblock_recv: recv timing out (30 secs)
Wed Sep 18 18:47:42 2019 -> ^getfile: Download interrupted: Operation now in progress (IP: 104.16.219.84)
Wed Sep 18 18:47:42 2019 -> ^Can't download daily.cvd from db.local.clamav.net
Wed Sep 18 18:47:42 2019 -> *Can't query daily.0.93.0.0.6810DB54.ping.clamav.net
Wed Sep 18 18:47:42 2019 -> Trying again in 5 secs...
Wed Sep 18 18:47:47 2019 -> ClamAV update process started at Wed Sep 18 18:47:47 2019
Wed Sep 18 18:47:48 2019 -> ^Your ClamAV installation is OUTDATED!
Wed Sep 18 18:47:48 2019 -> ^Local version: 0.100.3 Recommended version: 0.101.4
Wed Sep 18 18:47:48 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Wed Sep 18 18:47:48 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Sep 18 18:47:51 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.218.84)
Wed Sep 18 18:47:51 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:51 2019 -> *Can't query daily.25478.93.0.0.6810DA54.ping.clamav.net
Wed Sep 18 18:47:51 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^Incremental update failed, trying to download daily.cvd
Downloading daily.cvd [100%]
The process is repeated many times without success. I can only update the signatures manually by downloading them from the ClamAV website via wget (the same URL present in /etc/clamav/freshclam).
I tried with a fresh install of Zentyal 6.0.1 and the behaviour is the same. All works well under Ubuntu 18.04.3 64-bit.
Moreover, the freshclam service does not start:
sudo systemctl status clamav-freshclam
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; disabled; vendo
Active: inactive (dead)
Docs: man:freshclam(1)
man:freshclam.conf(5)
https://www.clamav.net/documents
lines 1-6/6 (END)...skipping...
Any idea about this? Could it be a bug?
Thank you in advance
-
:)
Could you please run this command on your Zentyal server?
grep '104.16.218.84' /var/log/syslog*
(The goal of this command is to detect whether your firewall is blocking the Cloudflare IP address that ClamAV uses.)
Cheers!
-
:)
Run this command too, please!
sudo freshclam --list-mirrors
Cheers!
-
/var/log/syslog.1:Sep 20 00:03:35 servermeteo kernel: [110493.016384] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=23792 DF PROTO=TCP SPT=40100 DPT=80 WINDOW=12386 RES=0x00 ACK FIN URGP=0 MARK=0x1
/var/log/syslog.1:Sep 20 00:04:04 servermeteo kernel: [110521.432479] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=23793 DF PROTO=TCP SPT=40100 DPT=80 WINDOW=12386 RES=0x00 ACK FIN URGP=0 MARK=0x1
sudo freshclam --list-mirrors
Mirror #1
IP: 104.16.219.84
Successes: 2
Failures: 21
Last access: Fri Sep 20 01:07:58 2019
Ignore: No
-------------------------------------
Mirror #2
IP: 104.16.218.84
Successes: 0
Failures: 19
Last access: Fri Sep 20 01:07:14 2019
Ignore: No
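At the moment I solved it with this script and crontab:
#!/bin/bash
# update
#freshclam
FILES="main.cvd daily.cvd bytecode.cvd"
for F in ${FILES}; do
    # Download under a temporary name so a failed transfer does not leave clamd without a database
    if sudo wget "http://database.clamav.net/$F" -O "/var/lib/clamav/$F.new"; then
        sudo chown clamav:clamav "/var/lib/clamav/$F.new"
        sudo chmod 644 "/var/lib/clamav/$F.new"
        # Replace the old database only after the new one is complete
        sudo mv -f "/var/lib/clamav/$F.new" "/var/lib/clamav/$F"
    else
        sudo rm -f "/var/lib/clamav/$F.new"
    fi
done
Now the clamav-daemon runs properly again.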
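
Added example (not part of the original posts): a shell function that summarises zentyal-firewall drop entries per mirror IP and port, and separates refused new connections (SYN without ACK) from dropped packets of connections that were already open, which is what the ACK FIN entries quoted above are. The names fw_drops_to and sample_log are hypothetical; the first two sample lines are taken from the thread and the last two are constructed.

```sh
#!/bin/sh
# Summarise "zentyal-firewall drop" kernel log entries for given destination IPs.
# usage: fw_drops_to IP [IP...] < /var/log/syslog
# output: "<count> <dst>:<dpt> <class>", one line per combination, where
#   new-connection      = SYN without ACK (the connection attempt itself was dropped)
#   existing-connection = any other flags (packet of an already open connection)
fw_drops_to() {
    awk -v ips="$*" '
        BEGIN { n = split(ips, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        /zentyal-firewall drop/ {
            dst = ""; dpt = ""; syn = 0; ack = 0
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^DST=/) dst = substr($i, 5)
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
                else if ($i == "SYN") syn = 1
                else if ($i == "ACK") ack = 1
            }
            if (!(dst in want)) next
            class = (syn && !ack) ? "new-connection" : "existing-connection"
            count[dst ":" dpt " " class]++
        }
        END { for (k in count) print count[k], k }
    ' - | sort
}

# Sample input: lines 1-2 are from the thread, lines 3-4 are constructed for the example.
sample_log() {
    cat <<'EOF'
Sep 20 00:03:35 servermeteo kernel: [110493.016384] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=23792 DF PROTO=TCP SPT=40100 DPT=80 WINDOW=12386 RES=0x00 ACK FIN URGP=0 MARK=0x1
Sep 20 00:04:04 servermeteo kernel: [110521.432479] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=23793 DF PROTO=TCP SPT=40100 DPT=80 WINDOW=12386 RES=0x00 ACK FIN URGP=0 MARK=0x1
Sep 20 00:05:10 servermeteo kernel: [110587.100000] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=104.16.219.84 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=100 DF PROTO=TCP SPT=40200 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 MARK=0x1
Sep 20 00:05:11 servermeteo kernel: [110588.100000] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=101 DF PROTO=TCP SPT=40201 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 MARK=0x1
EOF
}

# Demo on the sample input, using the mirror IPs reported by freshclam --list-mirrors
sample_log | fw_drops_to 104.16.218.84 104.16.219.84
```

On a live server, pass the mirror IPs from freshclam --list-mirrors and feed it the log, for example: cat /var/log/syslog /var/log/syslog.1 | fw_drops_to 104.16.218.84 104.16.219.84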