On 7/15/2011 7:58 AM, Tomasz Kojm wrote: > On Thu, 14 Jul 2011 23:15:20 -0400 James Ralston > <qralston+ml.clamav-us...@andrew.cmu.edu> wrote: > >> But freshclam falls over fairly badly if you try to use it to update >> internal clients from a private mirror, even though it has some >> options to help adjust its behavior for that purpose. >> >> Now I'm thinking that if freshclam is going to be a good tool for >> updating clients behind a private mirror, there really needs to be an >> option to specify that directly. Something like: >> >> # If PrivateMirror is set, freshclam assumes that the server it >> # names is a private mirror. In this case, freshclam does not >> # attempt to use DNS to determine whether its databases are >> # out-of-date, but instead downloads the database files from the >> # private mirror every time it runs. For each database, freshclam >> # first attempts to download the CVD file. If that fails, >> # freshclam tries to grab the CLD file. If the attempt to >> # download the CVD file and attempt to download the CLD file both >> # fail, then that counts as a single attempt against MaxAttempts. >> # Default: disabled. >> #PrivateMirror clam-update.example.org
Also have it ignore ScriptedUpdates if Private Mirror is Enabled. > > I see no problem adding such a feature, just open a feature request at > bugs.clamav.net > >> But a counterargument would be that rather than turn freshclam into a >> glorified wget, if someone really wants to mirror a private mirror, >> they should just write a script using wget to do it. >> >> Thoughts? > Watch out for bug 2727 if you do. A zero byte custom DB pushed over your custom mirroring system will crash all of your clamds. > Besides downloading the db files, freshclam performes a number of checks > - it won't install corrupted db file, etc. So it should still be more > effective than wget. > > Regards, > Agreed -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
