I *did* read the private local mirrors stuff. It offers 3 alternative solutions, all of which require http. If you'll read my original post more carefully, you'll see that that is what I'm trying to avoid.
On Wed, Jul 22, 2015 at 2:22 PM, Al Varnell <alvarn...@mac.com> wrote: > See Private Local Mirrors: <http://www.clamav.net/doc/mirrors-private.html > >. > > -Al- > > On Jul 22, 2015, at 9:04 AM, Phil Dumont wrote: > > I'm considering using clamav on a machine that is not (can not be) on the > > network (any network, not even a local one). > > > > I have a few ideas for how to get virus definition updates onto the > > machine, but none of them is quite perfect. > > > > All of them start with getting on an online computer and pulling the .cvd > > files (main, daily, bytecode) off the net and onto on optical disk, then > > sticking that disk into the offline machine. > > > > Then what? > > > > I'd like to use freshclam, just because that's the "official" way to do > it. > > > > I get that I can add some DatabaseCustomURL directives to my > > freshclam.conf, with file URLs that just point directly to wherever the > > optical disk will be mounted. That works. > > > > The part I haven't figured out yet is if there is any way to get > freshclam > > *not* to go out on the web to verify the databases. > > > > As far as I can tell, there is no way to tell it to just skip that step, > > which is what I would prefer. > > > > Alternatively, is there any way to make it do it locally? > > > > There's PrivateMirror, which would be fine if it's value could be a file > > URL, but it seems to want a host name to build an http URL out of. > Which > > means, for my offline computer, I have to have at least loopback > networking > > runnng, and an HTTP server, which I'd rather not do. > > > > I could just let freshclam try and fail to verify the databases. But > that > > makes the command take longer than it should while waiting for the http > > attempts to time out, and clutters the logs with unsightly error > messages. > > > > The only other alternative I can think of is to use cp or rsync or some > > such to copy the .cvd files from the optical disk to /var/lib/clamav "by > > hand". This avoids unsightly error messages in the log, but that's > because > > it doesn't put *anything* in the logs. Which is unfortunate, because I'd > > like to have a record of when the updates were done. I suppose I could > > right my own script that copies the databases into place *and* logs the > > fact. > > > > Any input? > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
