On 5/10/10 8:43 AM, Eddie Ekwo wrote:
Hello Everyone.
I am new to using ClamAV and I have searched through the mail archives for
help/pointers on setting up a tired freshclam update environment.
I have got a server that has access to the internet on port 80, so updates from
internet are not a problem. I have already setup a private freshclam update
server. My problem arises when setting up to slave update servers that can only
communicate to the master server via port 443, a further complication is that
client can only talk to the master/slave servers using port 443.
My question is - is this possible? And if so can someone point me in the right
direction that I can read on how to achieve this?
Can I use the tcp sockets 3310? If not what other possibilities are available?
Thank you.
Eddie Ekwo
Network Infrastructure Engineer
Once you have copies of the signatures on your system (using freshclam) the need
for the special role of freshclam is ended. Freshclam tests the files at the
time of the download. Once that is done there should be no need for that test
when passing the signatures around your network.
Place the fully tested files on your https server and transfer them to other
systems using what ever scriptable https client you have available, and place
them into working directories as atomically as possible. I would be inclined to
use rsync if at all possible rather than https.
If you feel the need to check the files again before using them once your
clients have received them then a simple check can be performed with clamscan:
clamscan --quiet -d daily.cld clam.txt
echo $?
0
clam.txt is a very small one line text file known not to contain a virus.
clamscan will quit with an error returned to $? if the signature file, in this
example, daily.cld, is corrupt. It can be a bit of a resource pig, but it works.
Alternatively you can use sigtool to create an md5 hash of the signature files
and pass that information as a file to the clients over the ssl connection.
sigtool --md5 daily.cld
b5c006e5debb8e546c56882469083f00:4300800:../daily.cld
These are tests that are commonly performed when using 3rd party signatures when
freshclam is not an option.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
