Nevermind my previous question. I see that you identified that the issue was a result of Little Snitch settings.
Micah Snyder ClamAV Development Talos Cisco Systems, Inc. On Sep 7, 2018, at 11:26 AM, Micah Snyder (micasnyd) <micas...@cisco.com<mailto:micas...@cisco.com>> wrote: At present, long-term ignore time is 72 hours and the short-term ignore time is 6 hours. The logic in freshclam to determine if it should ignore for the long-term or short-term length depends on what kind of error occurs and how many errors occur. I am looking into reducing the timeout length, and simplifying some of the logic. What version of macOS are you using? 10.10 reportedly had some issues with DNS lookups, though I don't know the specifics. Micah Snyder ClamAV Development Talos Cisco Systems, Inc. On Sep 5, 2018, at 5:03 AM, Al Varnell <alvarn...@mac.com<mailto:alvarn...@mac.com>> wrote: As previously observed, depending on installation permissions, some of us need sudo and others do not. Anytime you see "Ignoring mirror xxx.xxx.xxx.xxx (due to previous errors)" for all available mirrors, you must trash mirrors.dat or wait for some amount of time (unknown to me) in order to recover. -Al- On Wed, Sep 05, 2018 at 01:33 AM, Michael Newman wrote: This is on a Mac with a MacPorts ClamAV installation. I previously reported that if I ran freshclam as root it failed, but worked if I ran it as me. Now I have the exact opposite situation. It fails if I run it as me, but works if I run as root. If I don’t use sudo, the first error I get is this: Querying current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Can't query current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Invalid DNS reply. Falling back to HTTP mode. (Followed by many, many more. See below.) If I use sudo, that error never appears. I think this must be some sort of DNS error, but I have no idea what it might be or how to fix it. The following works fine: MrMuscle:clamav mnewman$ host -t txt current.cvd.clamav.net<http://current.cvd.clamav.net/> current.cvd.clamav.net<http://current.cvd.clamav.net/> descriptive text "0.100.1:58:24903:1536132540:1:63:47832:327" This started failing while I was away on vacation. Nothing was changed on the machine while I was away. FWIW, I’m using Google’s DNS servers. I live in Thailand and they seem to be the fastest. I changed permissions on the database files as follows: MrMuscle:clamav mnewman$ pwd /opt/local/share/clamav MrMuscle:clamav mnewman$ ls -lea total 329448 drwxrwxrwx 7 _clamav _clamav 224 Sep 5 15:19 . drwxrwxr-x 115 root wheel 3680 Aug 19 10:14 .. -rw-rw-rw- 1 _clamav _clamav 187426 Aug 19 11:08 bytecode.cvd -rw-rw-rw- 1 _clamav _clamav 50109025 Sep 5 14:50 daily.cvd -rw-rw-rw-@ 1 _clamav _clamav 52 Aug 22 05:48 local.ign2 -rw-rw-rw- 1 _clamav _clamav 117892267 Aug 19 11:08 main.cvd -rw-rw-rw- 1 _clamav _clamav 260 Sep 5 15:19 mirrors.dat I’m appending the verbose output of freshclam when run without and with sudo: MrMuscle:bin mnewman$ /opt/local/bin/freshclam -v Current working dir is /opt/local/share/clamav Max retries == 3 ClamAV update process started at Wed Sep 5 14:49:53 2018 Using IPv6 aware code Querying current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Can't query current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Invalid DNS reply. Falling back to HTTP mode. If-Modified-Since: Wed, 07 Jun 2017 21:38:10 GMT Reading CVD header (main.cvd): nonblock_connect: connect(): fd=7 errno=64: Host is down Can't connect to port 80 of host db.US.clamav.net<http://db.us.clamav.net/> (IP: 104.16.188.138) nonblock_connect: connect(): fd=7 errno=64: Host is down Can't connect to port 80 of host db.US.clamav.net<http://db.us.clamav.net/> (IP: 104.16.186.138) Ignoring mirror 104.16.188.138 (due to previous errors) Trying host db.US.clamav.net<http://db.us.clamav.net/> (104.16.187.138)... nonblock_connect: connect(): fd=7 errno=64: Host is down Can't connect to port 80 of host db.US.clamav.net<http://db.us.clamav.net/> (IP: 104.16.187.138) Trying host db.US.clamav.net<http://db.us.clamav.net/> (104.16.185.138)... nonblock_connect: connect(): fd=7 errno=64: Host is down Can't connect to port 80 of host db.US.clamav.net<http://db.us.clamav.net/> (IP: 104.16.185.138) Trying host db.US.clamav.net<http://db.us.clamav.net/> (104.16.189.138)... nonblock_connect: connect(): fd=7 errno=64: Host is down Can't connect to port 80 of host db.US.clamav.net<http://db.us.clamav.net/> (IP: 104.16.189.138) WARNING: Can't read main.cvd header from db.US.clamav.net<http://db.us.clamav.net/> (IP: ) Trying again in 5 secs... ClamAV update process started at Wed Sep 5 14:49:58 2018 Using IPv6 aware code Querying current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Can't query current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Invalid DNS reply. Falling back to HTTP mode. If-Modified-Since: Wed, 07 Jun 2017 21:38:10 GMT Reading CVD header (main.cvd): Ignoring mirror 104.16.189.138 (due to previous errors) Ignoring mirror 104.16.188.138 (due to previous errors) Ignoring mirror 104.16.186.138 (due to previous errors) Ignoring mirror 104.16.185.138 (due to previous errors) Ignoring mirror 104.16.187.138 (due to previous errors) WARNING: Can't read main.cvd header from db.US.clamav.net<http://db.us.clamav.net/> (IP: ) Trying again in 5 secs... ClamAV update process started at Wed Sep 5 14:50:03 2018 Using IPv6 aware code Querying current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Can't query current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Invalid DNS reply. Falling back to HTTP mode. If-Modified-Since: Wed, 07 Jun 2017 21:38:10 GMT Reading CVD header (main.cvd): Ignoring mirror 104.16.187.138 (due to previous errors) Ignoring mirror 104.16.185.138 (due to previous errors) Ignoring mirror 104.16.189.138 (due to previous errors) Ignoring mirror 104.16.186.138 (due to previous errors) Ignoring mirror 104.16.188.138 (due to previous errors) WARNING: Can't read main.cvd header from db.US.clamav.net<http://db.us.clamav.net/> (IP: ) Giving up on db.US.clamav.net<http://db.us.clamav.net/>... ClamAV update process started at Wed Sep 5 14:50:03 2018 Using IPv6 aware code Querying current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Can't query current.cvd.clamav.net<http://current.cvd.clamav.net/> WARNING: Invalid DNS reply. Falling back to HTTP mode. If-Modified-Since: Wed, 07 Jun 2017 21:38:10 GMT Reading CVD header (main.cvd): Ignoring mirror 104.16.187.138 (due to previous errors) Ignoring mirror 104.16.188.138 (due to previous errors) Ignoring mirror 104.16.189.138 (due to previous errors) Ignoring mirror 104.16.185.138 (due to previous errors) Ignoring mirror 104.16.186.138 (due to previous errors) WARNING: Can't read main.cvd header from database.clamav.net<http://database.clamav.net/> (IP: ) Giving up on database.clamav.net<http://database.clamav.net/>... Update failed. Your network may be down or none of the mirrors listed in /opt/local/etc/freshclam.conf is working. Check https://www.clamav.net/documents/official-mirror-faq for possible reasons. MrMuscle:bin mnewman$ sudo /opt/local/bin/freshclam -v Password: Current working dir is /opt/local/share/clamav Max retries == 3 ClamAV update process started at Wed Sep 5 14:50:16 2018 Using IPv6 aware code Querying current.cvd.clamav.net<http://current.cvd.clamav.net/> TTL: 591 Software version from DNS: 0.100.1 main.cvd version from DNS: 58 main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd version from DNS: 24903 Retrieving http://db.US.clamav.net/daily-24903.cdiff<http://db.us.clamav.net/daily-24903.cdiff> Ignoring mirror 104.16.185.138 (due to previous errors) Ignoring mirror 104.16.186.138 (due to previous errors) Ignoring mirror 104.16.188.138 (due to previous errors) Ignoring mirror 104.16.189.138 (due to previous errors) Ignoring mirror 104.16.187.138 (due to previous errors) Ignoring mirror 104.16.185.138 (due to previous errors) Ignoring mirror 104.16.186.138 (due to previous errors) Ignoring mirror 104.16.188.138 (due to previous errors) Ignoring mirror 104.16.189.138 (due to previous errors) Ignoring mirror 104.16.187.138 (due to previous errors) WARNING: getpatch: Can't download daily-24903.cdiff from db.US.clamav.net<http://db.us.clamav.net/> Retrieving http://db.US.clamav.net/daily-24903.cdiff<http://db.us.clamav.net/daily-24903.cdiff> Ignoring mirror 104.16.188.138 (due to previous errors) Ignoring mirror 104.16.186.138 (due to previous errors) Ignoring mirror 104.16.189.138 (due to previous errors) Ignoring mirror 104.16.187.138 (due to previous errors) Ignoring mirror 104.16.185.138 (due to previous errors) WARNING: getpatch: Can't download daily-24903.cdiff from db.US.clamav.net<http://db.us.clamav.net/> Retrieving http://db.US.clamav.net/daily-24903.cdiff<http://db.us.clamav.net/daily-24903.cdiff> Ignoring mirror 104.16.185.138 (due to previous errors) Ignoring mirror 104.16.188.138 (due to previous errors) Ignoring mirror 104.16.186.138 (due to previous errors) Ignoring mirror 104.16.189.138 (due to previous errors) Ignoring mirror 104.16.187.138 (due to previous errors) WARNING: getpatch: Can't download daily-24903.cdiff from db.US.clamav.net<http://db.us.clamav.net/> WARNING: Incremental update failed, trying to download daily.cvd Whitelisting short-term blacklisted mirrors Retrieving http://db.US.clamav.net/daily.cvd<http://db.us.clamav.net/daily.cvd> Trying to download http://db.US.clamav.net/daily.cvd<http://db.us.clamav.net/daily.cvd> (IP: 104.16.188.138) Downloading daily.cvd [100%] Loading signatures from daily.cvd Properly loaded 2074942 signatures from new daily.cvd daily.cvd updated (version: 24903, sigs: 2074942, f-level: 63, builder: neo) Querying daily.24903.92.1.0.6810BC8A.ping.clamav.net bytecode.cvd version from DNS: 327 bytecode.cvd is up to date (version: 327, sigs: 91, f-level: 63, builder: neo) Database updated (6641282 signatures) from db.US.clamav.net<http://db.us.clamav.net/> (IP: 104.16.188.138) Clamd successfully notified about the update. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml -Al- -- Al Varnell Mountain View, CA _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
