Thanks for the reply. I did leave off name resolution - sorry. I have added the clamav mirror to /etc/hosts: 10.10.10.10 clamav clamav.trustx.com
After deleting mirrors.dat I get the same result: # rm /var/lib/clamav/mirrors.dat [root@qa-01-idx ~]# freshclam ClamAV update process started at Fri Dec 8 16:41:51 2017 connect_error: getsockopt(SO_ERROR): fd=4 error=110: Connection timed out Can't connect to port 80 of host clamav.trustx.com (IP: 10.10.10.10) WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com WARNING: Incremental update failed, trying to download main.cvd connect_error: getsockopt(SO_ERROR): fd=4 error=110: Connection timed out Can't connect to port 80 of host clamav.trustx.com (IP: 10.10.10.10) WARNING: Can't download main.cvd from clamav.trustx.com Trying again in 5 secs... ^CUpdate process terminated John Kennedy (_8(|) If I'm a sarcastic asshole when I talk to you it's either because I really like you and feel comfortable teasing you or I really hate you and don't care if you know it. Good luck figuring out which one... Sometimes it happens, sometimes it doesn't - Pedro Catacora The Dunning-Kruger effect occurs when incompetent people not only fail to realize their incompetence, but consider themselves much more competent than everyone else. Basically - they're too stupid to know that they're stupid. On Fri, Dec 8, 2017 at 11:31 AM, Dennis Peterson <denni...@inetnw.com> wrote: > The client is ignoring your servers because they are listen in mirrors.dat > as broken. Remove the mirrors.dat file and try again. > > You have not mentioned DNS or host tables but the natural assumption is > all your clients and servers have the host tables or dns information needed > to find each other and that router tables and net masks are not an issue. > > dp > > > On 12/8/17 8:23 AM, John Kennedy wrote: > >> I have set up a private local mirror at clamav.trustx.com. Our >> environment >> is AWS based with many VPC's. We have an "admin" VPC that is reachable >> from >> all other VPCs. >> >> I have tried both the second (Serve CVD files from a local web server - my >> preferred method) and third (Serve CVD and CDIFF files from a local web >> server) options from the Private Mirror FAQ with no luck. I can use both >> curl and wget from the client machine to pull down the cvd files but when >> I >> try and run freshclam I get the following error: >> ----- >> >> # freshclam -v >> Current working dir is /var/lib/clamav >> Max retries == 3 >> ClamAV update process started at Fri Dec 8 16:14:06 2017 >> Using IPv6 aware code >> Querying current.cvd.clamav.net >> TTL: 60 >> Software version from DNS: 0.99.2 >> main.cvd version from DNS: 58 >> Retrieving http://clamav.trustx.com/main-58.cdiff >> Ignoring mirror 10.10.10.10 (due to previous errors) >> Ignoring mirror 10.10.10.10 (due to previous errors) >> WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com >> Retrieving http://clamav.trustx.com/main-58.cdiff >> Ignoring mirror 10.10.10.10 (due to previous errors) >> WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com >> Retrieving http://clamav.trustx.com/main-58.cdiff >> Ignoring mirror 10.10.10.10 (due to previous errors) >> WARNING: getpatch: Can't download main-58.cdiff from clamav.trustx.com >> WARNING: Incremental update failed, trying to download main.cvd >> Whitelisting short-term blacklisted mirrors >> Retrieving http://clamav.trustx.com/main.cvd >> connect_error: getsockopt(SO_ERROR): fd=4 error=110: Connection timed out >> Can't connect to port 80 of host clamav.trustx.com (IP: 10.10.10.10) >> Ignoring mirror 10.10.10.10 (due to previous errors) >> WARNING: Can't download main.cvd from clamav.trustx.com >> Trying again in 5 secs... >> ----- >> >> # curl -q http://clamav.trustx.com/main.cvd --output main.cvd >> % Total % Received % Xferd Average Speed Time Time Time >> Current >> Dload Upload Total Spent Left >> Speed >> 100 112M 100 112M 0 0 8856k 0 0:00:13 0:00:13 --:--:-- >> 11.5M >> ----- >> >> >From the web server: >> ----- >> >> # cat 100-clamav.conf >> server { >> listen 80; >> server_name clamav.trustx.com; >> sendfile on; >> >> add_header Strict-Transport-Security "max-age=31536000; >> includeSubDomains"; >> >> >> root /var/data/clamav; >> >> location /simple { >> allow 10.0.0.0/8; >> allow 77.75.100.144/28; >> deny all; >> autoindex on; >> } >> >> access_log /var/log/nginx/clamav_access.log; >> error_log /var/log/nginx/clamav_error.log; >> } # End server clamav.trustx.com >> ----- >> >> Both clamav_access.log and clamav_error.log are empty >> ----- >> >> # pwd >> /var/data/clamav >> [root@DevOps clamav]# ls -l >> total 208800 >> -rw-r--r-- 1 nginx root 770 Dec 7 02:17 bytecode-319.cdiff >> -rw-r--r-- 1 nginx root 153228 Dec 7 02:17 bytecode.cvd >> -rw-r--r-- 1 nginx root 6437 Nov 28 01:09 daily-24080.cdiff >> -rw-r--r-- 1 nginx root 7802 Nov 28 09:07 daily-24081.cdiff >> -rw-r--r-- 1 nginx root 9705 Nov 28 17:09 daily-24082.cdiff >> -rw-r--r-- 1 nginx root 10406 Nov 29 01:08 daily-24083.cdiff >> -rw-r--r-- 1 nginx root 7508 Nov 29 09:03 daily-24084.cdiff >> -rw-r--r-- 1 nginx root 6990 Nov 29 17:08 daily-24085.cdiff >> -rw-r--r-- 1 nginx root 12340 Nov 30 01:10 daily-24086.cdiff >> -rw-r--r-- 1 nginx root 7461 Nov 30 09:09 daily-24087.cdiff >> -rw-r--r-- 1 nginx root 6331 Nov 30 17:10 daily-24088.cdiff >> -rw-r--r-- 1 nginx root 8811 Dec 1 01:12 daily-24089.cdiff >> -rw-r--r-- 1 nginx root 9504 Dec 1 09:11 daily-24090.cdiff >> -rw-r--r-- 1 nginx root 6476 Dec 1 17:09 daily-24091.cdiff >> -rw-r--r-- 1 nginx root 8647 Dec 2 01:09 daily-24092.cdiff >> -rw-r--r-- 1 nginx root 6714 Dec 2 09:12 daily-24093.cdiff >> -rw-r--r-- 1 nginx root 4034 Dec 2 17:08 daily-24094.cdiff >> -rw-r--r-- 1 nginx root 3766 Dec 3 01:11 daily-24095.cdiff >> -rw-r--r-- 1 nginx root 3609 Dec 3 09:10 daily-24096.cdiff >> -rw-r--r-- 1 nginx root 5718 Dec 3 17:09 daily-24097.cdiff >> -rw-r--r-- 1 nginx root 4577 Dec 4 01:10 daily-24098.cdiff >> -rw-r--r-- 1 nginx root 3616 Dec 4 09:09 daily-24099.cdiff >> -rw-r--r-- 1 nginx root 6595 Dec 4 17:12 daily-24100.cdiff >> -rw-r--r-- 1 nginx root 10800 Dec 5 01:12 daily-24101.cdiff >> -rw-r--r-- 1 nginx root 9302 Dec 5 09:11 daily-24102.cdiff >> -rw-r--r-- 1 nginx root 11367 Dec 5 17:12 daily-24103.cdiff >> -rw-r--r-- 1 nginx root 40675 Dec 6 01:15 daily-24104.cdiff >> -rw-r--r-- 1 nginx root 30876 Dec 6 09:10 daily-24105.cdiff >> -rw-r--r-- 1 nginx root 9570 Dec 6 17:13 daily-24106.cdiff >> -rw-r--r-- 1 nginx root 16062 Dec 7 02:17 daily-24107.cdiff >> -rw-r--r-- 1 nginx root 19871 Dec 7 21:14 daily-24108.cdiff >> -rw-r--r-- 1 nginx root 12366 Dec 8 05:11 daily-24109.cdiff >> -rw-r--r-- 1 nginx root 9439 Dec 8 13:12 daily-24110.cdiff >> -rw-r--r-- 1 nginx root 43280869 Dec 8 13:12 daily.cvd >> -rw-r--r-- 1 nginx root 43280869 Dec 8 13:12 daily.cvd.1 >> -rw-r--r-- 1 nginx root 41 Dec 8 15:41 dns.txt >> -rw-r--r-- 1 nginx root 138 Nov 27 21:03 index.html >> -rw-r--r-- 1 nginx root 8808462 Nov 27 21:30 main-58.cdiff >> -rw-r--r-- 1 nginx root 117892267 Nov 27 21:29 main.cvd >> drwxr-xr-x 2 nginx root 6 Dec 8 16:05 temp >> ----- >> >> John Kennedy (_8(|) >> >> If I'm a sarcastic asshole when I talk to you it's either because I really >> like you and feel comfortable teasing you or I really hate you and don't >> care if you know it. Good luck figuring out which one... >> >> Sometimes it happens, sometimes it doesn't - Pedro Catacora >> >> The Dunning-Kruger effect occurs when incompetent people not only fail to >> realize their incompetence, but consider themselves much more competent >> than everyone else. Basically - they're too stupid to know that they're >> stupid. >> _______________________________________________ >> clamav-users mailing list >> clamav-users@lists.clamav.net >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml >> > > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
