Hey everyone, We are trying to run clamAV in an IBM Cloud Private (ICP) environment. The issue that we are running into is freshclam is unable to update its virus definitions while running in this environment. We are able to run curl and wget to access the main.cfd and daily.cfd using either database.clamav.net <http://database.clamav.net/> or db.us.clamav.net <http://db.us.clamav.net/> but when running freshclam the update fails.
We currently have a service entry allowing access to database.clamav.net <http://database.clamav.net/> and db.us.clamav.net <http://db.us.clamav.net/> on port 80 thus the reason that we are able to us curl and wget to pull down the databases manually. Are there other hosts that need to be added to this service entry for access? To note, this docker image is able to successfully run freshclam outside of the ICP environment with no issues. Here is a the start of verbose output of the freshclam runs. Current working dir is /var/lib/clamav Max retries == 3 ClamAV update process started at Wed Nov 14 21:08:17 2018 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 1305 Software version from DNS: 0.100.2 main.cvd version from DNS: 58 main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd version from DNS: 25120 Retrieving http://db.us.clamav.net/daily-25076.cdiff Trying to download http://db.us.clamav.net/daily-25076.cdiff (IP: 104.16.188.138) WARNING: getfile: Unknown response from db.us.clamav.net (IP: 104.16.188.138): HTTP/1.1 426 WARNING: getpatch: Can't download daily-25076.cdiff from db.us.clamav.net Querying daily.25076.93.0.0.6810BC8A.ping.clamav.net Retrieving http://db.us.clamav.net/daily-25076.cdiff Trying to download http://db.us.clamav.net/daily-25076.cdiff (IP: 104.16.188.138) WARNING: getfile: Unknown response from db.us.clamav.net (IP: 104.16.188.138): HTTP/1.1 426 WARNING: getpatch: Can't download daily-25076.cdiff from db.us.clamav.net Querying daily.25076.93.0.0.6810BC8A.ping.clamav.net Retrieving http://db.us.clamav.net/daily-25076.cdiff Trying to download http://db.us.clamav.net/daily-25076.cdiff (IP: 104.16.186.138) WARNING: getfile: Unknown response from db.us.clamav.net (IP: 104.16.186.138): HTTP/1.1 426 WARNING: getpatch: Can't download daily-25076.cdiff from db.us.clamav.net Querying daily.25076.93.0.0.6810BA8A.ping.clamav.net WARNING: Incremental update failed, trying to download daily.cvd Whitelisting short-term blacklisted mirrors Retrieving http://db.us.clamav.net/daily.cvd Ignoring mirror 104.16.188.138 (due to previous errors) Trying to download http://db.us.clamav.net/daily.cvd (IP: 104.16.187.138) WARNING: getfile: Unknown response from db.us.clamav.net (IP: 104.16.187.138): HTTP/1.1 426 WARNING: Can't download daily.cvd from db.us.clamav.net Querying daily.0.93.0.0.6810BB8A.ping.clamav.net Trying again in 5 secs... ClamAV update process started at Wed Nov 14 21:08:23 2018 Using IPv6 aware code Querying current.cvd.clamav.net <http://current.cvd.clamav.net/> ———— SNIP ——— Thanks in advance for any help Mark Johnson
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
