On Thu, Jul 5, 2012 at 2:24 PM, Tom Goerger <t...@umn.edu> wrote: > The error is coming from the client side. I've verified that the clamd > instance on the server is up and running on the TCP port for the server > address, rather than localhost, and running on the correct port. From the > log file on the server side, everything appears to be running correctly. > I've verified with the server admins that port 3310 is open to the client's > IP, but I'm still getting a bind error on that machine, trying to connect > to the server IP on port 3310. > > These are the log entries from the client machine: > > +++ Started at Thu Jul 5 12:45:23 2012 > clamd daemon 0.96.4 (OS: solaris2.9, ARCH: sparc, CPU: sparc) > Log file size limited to 1048576 bytes. > Reading databases from /var/opt/clamav/db > Not loading PUA signatures. > Loaded 1026634 signatures. > ERROR: TCP: bind() error: Cannot assign requested address > > And from the server side: > > +++ Started at Thu Jul 5 12:44:35 2012 > clamd daemon 0.97.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) > Log file size limited to 2097152 bytes. > Reading databases from /var/lib/clamav > Not loading PUA signatures. > Bytecode: Security mode set to "TrustSigned". > Loaded 1264089 signatures. > TCP: Bound to address 134.84.x.x on port 3310 > TCP: Setting connection queue length to 200 > Limits: Global size limit set to 104857600 bytes. > Limits: File size limit set to 26214400 bytes. > Limits: Recursion level limit set to 16. > Limits: Files limit set to 10000. > Archive support enabled. > Algorithmic detection enabled. > Portable Executable support enabled. > ELF support enabled. > Mail files support enabled. > OLE2 support enabled. > PDF support enabled. > HTML support enabled. > Self checking every 600 seconds. > No stats for Database check - forcing reload > Reading databases from /var/lib/clamav > Database correctly reloaded (1264089 signatures) > > On Tue, Jul 3, 2012 at 1:23 PM, Jim Preston <jimli...@commspeed.net> > wrote: > > > On 07/03/2012 11:02 AM, Tom Goerger wrote: > > > >> Hi, > >> > >> I'm having problems setting up ClamAV to work in network mode. The way > >> I'm > >> envisioning things is I've got a machine running clamdscan on client, > and > >> clamd running on server. I've got clamd.conf on client set up to point > at > >> the IP and port of server like so: > >> > >> # TCP port address. > >> # Default: no > >> TCPSocket 3310 > >> > >> # TCP address. > >> # By default we bind to INADDR_ANY, probably not wise. > >> # Enable the following to provide some degree of protection > >> # from the outside world. > >> # Default: no > >> TCPAddr 134.84.1.1 > >> > >> I've got the server clamd.conf set up like this: > >> > >> # TCP port address. > >> # Default: no > >> TCPSocket 3310 > >> > >> # TCP address. > >> # By default we bind to INADDR_ANY, probably not wise. > >> # Enable the following to provide some degree of protection > >> # from the outside world. > >> # Default: no > >> TCPAddr 127.0.0.1 > >> > >> I'm getting an error of "ERROR: TCP: bind() error: Cannot assign > requested > >> address" with this setup. The port is open to the client IP address on > >> the > >> server. I'm not sure what I've got wrong in the setup. Should the > server > >> just be in a local setup, with the client set to network pointing at its > >> IP? Or should both the server and client be set up as network, with > both > >> using the server's IP? Something else? > >> > >> Thanks for any help. I just haven't been able to find much > documentation > >> for the network mode. > >> > >> Tom > >> > >> > >> Hi Tom, > > > > Try setting the server to use it's IP address. Although you have opened > > the port, clamd is not listening on the address only the loopback address > > so no connection can be made from the client to the server's clamd > engine. > > > > You also do not state which machine is giving the ERROR: TCP: bind() > > error. Are there any errors generated from starting clamd and clamdscan > on > > the server and client respectively? > > > > Jim > > > > -- > > Jim Preston > > > > > > > > ______________________________**_________________ > > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > > http://www.clamav.net/support/**ml <http://www.clamav.net/support/ml> > > > > > > -- > Tom Goerger > University of Minnesota - Internet Services > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml >
Don't run clamd on the client side with those settings. Bind should fail on the client because it is not allowed to bind to that address (which belongs to another machine on your network, namely your clamd server). For your network mode setup, it sounds like you should be running only clamdscan on the client and disable the clamd. Keep in mind that you can tell clamdscan to use a separate config-file [with the config-file command line option]. It is possible to run clamd on the local server and still force clamdscan to connect to a remote machine this way. You can use that to make sure that clamdscan works with your desired config file before taking further actions like shutting off the local client's clamd and installing your updated config file. Dave R. --- Dave Raynor Sourcefire Vulnerability Research Team dray...@sourcefire.com _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
