Hi Tom,
NOTE: This forum uses bottom posting which means replying at the bottom
of the email.
On Tue, Jul 3, 2012 at 1:23 PM, Jim Preston<jimli...@commspeed.net> wrote:
On 07/03/2012 11:02 AM, Tom Goerger wrote:
Hi,
I'm having problems setting up ClamAV to work in network mode. The way
I'm
envisioning things is I've got a machine running clamdscan on client, and
clamd running on server. I've got clamd.conf on client set up to point at
the IP and port of server like so:
# TCP port address.
# Default: no
TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
# Default: no
TCPAddr 134.84.1.1
I've got the server clamd.conf set up like this:
# TCP port address.
# Default: no
TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
# Default: no
TCPAddr 127.0.0.1
I'm getting an error of "ERROR: TCP: bind() error: Cannot assign requested
address" with this setup. The port is open to the client IP address on
the
server. I'm not sure what I've got wrong in the setup. Should the server
just be in a local setup, with the client set to network pointing at its
IP? Or should both the server and client be set up as network, with both
using the server's IP? Something else?
Thanks for any help. I just haven't been able to find much documentation
for the network mode.
Tom
Hi Tom,
Try setting the server to use it's IP address. Although you have opened
the port, clamd is not listening on the address only the loopback address
so no connection can be made from the client to the server's clamd engine.
You also do not state which machine is giving the ERROR: TCP: bind()
error. Are there any errors generated from starting clamd and clamdscan on
the server and client respectively?
Jim
--
Jim Preston
______________________________**_________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/**ml<http://www.clamav.net/support/ml>
On 07/05/2012 11:24 AM, Tom Goerger wrote:
The error is coming from the client side. I've verified that the clamd
instance on the server is up and running on the TCP port for the server
address, rather than localhost, and running on the correct port. From the
log file on the server side, everything appears to be running correctly.
I've verified with the server admins that port 3310 is open to the client's
IP, but I'm still getting a bind error on that machine, trying to connect
to the server IP on port 3310.
These are the log entries from the client machine:
+++ Started at Thu Jul 5 12:45:23 2012
clamd daemon 0.96.4 (OS: solaris2.9, ARCH: sparc, CPU: sparc)
Log file size limited to 1048576 bytes.
Reading databases from /var/opt/clamav/db
Not loading PUA signatures.
Loaded 1026634 signatures.
ERROR: TCP: bind() error: Cannot assign requested address
And from the server side:
+++ Started at Thu Jul 5 12:44:35 2012
clamd daemon 0.97.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Log file size limited to 2097152 bytes.
Reading databases from /var/lib/clamav
Not loading PUA signatures.
Bytecode: Security mode set to "TrustSigned".
Loaded 1264089 signatures.
TCP: Bound to address 134.84.x.x on port 3310
TCP: Setting connection queue length to 200
Limits: Global size limit set to 104857600 bytes.
Limits: File size limit set to 26214400 bytes.
Limits: Recursion level limit set to 16.
Limits: Files limit set to 10000.
Archive support enabled.
Algorithmic detection enabled.
Portable Executable support enabled.
ELF support enabled.
Mail files support enabled.
OLE2 support enabled.
PDF support enabled.
HTML support enabled.
Self checking every 600 seconds.
No stats for Database check - forcing reload
Reading databases from /var/lib/clamav
Database correctly reloaded (1264089 signatures)
I am not sure you are running the client / server correctly. If you want
the server, clamd, running on a server and clients running on their own
systems, you should be starting clamd on the server and using clamdscan
on the clients. From your post, it looks like you are trying to start
clamd on the clients, is this a correct assumption? clamd.conf on the
clients should be set to point to the server via the TCP addresses
settings. Also you will want to check the server firewall and ensure the
ports that you specify for the clients is accessible and the port range
should be set on both the server and client. Below is the relevant
section from clamd.conf.
# Clamd uses FTP-like protocol to receive data from remote clients.
# If you are using clamav-milter to balance load between remote clamd daemons
# on firewall servers you may need to tune the options below.
# Close the connection when the data size limit is exceeded.
# The value should match your MTA's limit for a maximum attachment size.
# Default: 25M
#StreamMaxLength 10M
# Limit port range.
# Default: 1024
#StreamMinPort 30000
# Default: 2048
#StreamMaxPort 32000
--
Jim Preston
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
