Parece que los chicos de clamav escucharon a los cubanos llorar y nos han documentado como hacer un mirror local, sin más les dejo el artículo tomado del sitio de clamav, diganme luego si ha sido útil...
Private Local mirrors There are some situations in which it may be desirable to set up a private mirror for distributing CVD updates. If you run ClamAV on many clients on your network, each installation will download a copy of new .cdiff files. This is a waste of bandwidth and resources for your network and for our mirrors network. Sometimes the servers which perform the scan are not directly connected to Internet and can only download updates from a server in the same network segment. For people who face these problems, we recommend using one of the following 3 setups. 1. Use an HTTP proxy This solution is really easy to implement and is bandwidth efficient. Install a proxy server (e.g. squid) and then tell your freshclam clients to use it. This can be done by setting the HTTPProxyServer parameter in freshclam.conf (see man 5 freshclam.conf for the details). 2. Serve CVD files from a local web server This solution is really simple to implement but it's only effective if your clients are all on the same local network and bandwidth is not an issue for you. Configure a local webserver on one of your machines (say machine1.mylan) and let freshclam download the *.cvd files from http://database.clamav.net to the webserver’s DocumentRoot. Add the following line to freshclam.conf on machine1.mylan. ScriptedUpdates no First the database will be downloaded to the local webserver and then the other clients on the network will update their copy of the database from it. For this to work you have to change freshclam.conf on each client so that it reads. DatabaseMirror machine1.mylan ScriptedUpdates no 3. Serve CVD and CDIFF files from a local web server This solution is bandwidth efficient but it's a little bit trickier to set up and involves the use of custom scripts in place of freshclam. Because of this, the scripts might need to be updated from time to time to cope with the corresponding changes in freshclam. Configure a local webserver on one of your machines (say machine1.mylan) and use this script developed by Frederic Vanden Poel to download the cvd and cdiff files into the DocumentRoot. clamdownloader.pl by Frederic Vanden Poel #!/usr/bin/env perl # # File name: clamdownloader.pl # Author: Frederic Vanden Poel # ############################################################################# # use strict; use warnings; use Net::DNS; my $clamdb="/tmp/clam"; # mirror where files such as daily-12133.cdiff exist my $mirror="http://database.clamav.net";; # get the TXT record for current.cvd.clamav.net my $txt = getTXT("current.cvd.clamav.net"); exit unless $txt; chdir($clamdb) || die ("Can't chdir to $clamdb : $!\n"); # dump the record in a file print "TXT from DNS: $txt\n"; open D, ">dns.txt"; print D "$txt"; close D; # temp dir for wget updates mkdir("$clamdb/temp"); # get what we need my ( $clamv, $mainv , $dailyv, $x, $y, $z, $safebrowsingv, $bytecodev ) = split /:/, $txt ; print "FIELDS main=$mainv daily=$dailyv bytecode=$bytecodev\n"; updateFile('main',$mainv); updateFile('daily',$dailyv); updateFile('bytecode',$bytecodev); sub getTXT { use Net::DNS; my $domain = shift @_; my $rr; my $res = Net::DNS::Resolver->new; my $txt_query = $res->query($domain,"TXT"); if ($txt_query) { return ($txt_query->answer)[0]->txtdata; } else { warn "Unable to get TXT Record : ", $res->errorstring, "\n"; return 0; } } sub getLocalVersion { my $file=shift @_; my $cmd="sigtool -i $clamdb/$file.cvd"; open P, "$cmd |" || die("Can't run $cmd : $!"); while (<P>) { next unless /Version: (\d+)/; return $1; } return -1; } sub updateFile { my $file=shift @_; my $currentversion=shift @_; my $old=0; if ( ! -e "$file.cvd" ) { warn "file $file.cvd does not exists, skipping\n"; } if ( ! -z "$file.cvd" ) { $old = getLocalVersion($file); if ( $old > 0 ) { print "$file old: $old current: $currentversion\n"; # mirror all the diffs for (my $count = $old + 1 ; $count <= $currentversion; $count++) { print `wget -nH -nd -N -nv $mirror/$file-$count.cdiff 2>&1`; } } else { warn "file $file.cvd version unknown, skipping cdiffs\n"; } } else { warn "file $file.cvd is zero, skipping cdiffs\n"; } return if ( $currentversion == $old ); # update the full file using a copy, then move back print `cp -v -a $file.cvd temp/$file.cvd 2>&1`; print `cd temp && wget -nH -nd -N -nv $mirror/$file.cvd 2>&1`; if ( -e "temp/$file.cvd" && ! -z "temp/$file.cvd" ) { if ( (stat("temp/$file.cvd"))[9] > (stat("$file.cvd"))[9] ) { print "file temp/$file.cvd is newer than $file.cvd\n"; print `mv -v temp/$file.cvd $file.cvd 2>&1`; } else { print "file temp/$file.cvd not touched by wget\n"; print `rm -v temp/$file.cvd`; } } else { warn "temp/$file.cvd is not valid, not copying back !\n"; unlink "temp/$file.cvd"; } } __END__ First the cvd+cdiff files will be downloaded to the local webserver and then the other clients on the network will update their copy of the database from it. For this to work you have to change freshclam.conf on your clients so that it reads. DatabaseMirror machine1.mylan ------------ Salu2, Ulinx "En un problema con n ecuaciones siempre habrá al menos n+1 incógnitas" Linux user 366775 -- Este mensaje ha sido analizado por MailScanner en busca de virus y otros contenidos peligrosos, y se considera que est� limpio. ------------ próxima parte ------------ Se ha borrado un adjunto en formato HTML... URL: <http://listas.jovenclub.cu/pipermail/gutl-l/attachments/20140507/8110f0bc/attachment.html>
______________________________________________________________________ Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba. Gutl-l@jovenclub.cu https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l
