On Tue, 13 Jul 2004 06:42:33 -0500 in [EMAIL PROTECTED] Daniel J McDonald <[EMAIL PROTECTED]> wrote:
> On Mon, 2004-07-12 at 17:10, Brian Morrison wrote: > > On Mon, 12 Jul 2004 15:59:32 -0500 in > > [EMAIL PROTECTED] > > Daniel J McDonald <[EMAIL PROTECTED]> wrote: > > > > > On Mon, 2004-07-12 at 15:04, Brian Morrison wrote: > > > > ERROR: Connection with clamav.database.net (IP: ???) failed. > > > The A rr for database.clamav.net is too big to fit in a UDP > > > datagram, so your DNS server has to allow TCP based queries in > > > order to resolve the name. > > Ah right. Well I run bind here, but I don't explicitly tell it to > > allow TCP queries, at least not that I know about :) > > No, but you might have to check your firewall rules, both on the DNS > server and externally protecting it... The DNS server and all the other machines sit behind a router that uses NAT. The only firewall rules used for port 53 access is a block on source ports 137 to 139 to keep the XP box in its place. I suspect that there is something a bit odd in the freshclam code that only triggers under certain circumstances. If it happens again and I can identify what is happening using strace or similar then I will post here and/or file a bug report. All the time this was happening both host and dig returned the whole 15 A records for database.clamav.net quite happily, so it must be a freshclam/resolver library issue I think. -- Brian Morrison bdm at fenrir dot org dot uk GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
