Hi Brent,

clamdscan and clamd share the same config file. clamd uses it to set up the TCP socket to listen, and clamdscan uses it to know how to talk to clamd. As a consequence, setting multiple TCPAddr's would make no sense to clamd as it will only open 1 socket to listen for connections.

I'd be interested to know if someone has come up with a hack for how to have clamdscan fail over to a secondary clamd instance - but I'm not aware of a way to do that.

I would bare in mind that if your'e using clamd on a machine remote from the clamdscan machine, the TCP connection is not encrypted at this time - meaning your file contents may be streamed in plaintext across your network. If you need to do this, consider setting up a SSH tunnel to facilitate an encrypted connection.

Regards,
Micah


On Nov 5, 2018, at 7:48 AM, Brent Clark <***@gmail.com<mailto:***@gmail.com>> wrote:

Good day Guys

I have setup two clamd servers.

On my Webservers, I need to stream a file to the clamd for scanning.

I would like to ask, how would I specify two TCPAddr.

If I specify just one, server, everything works ok.
Ive tried various options and google does not appears to be of assists.

How does one specify more than one server for scanning?

I would like to use this a poor mans "fail over", so that if one server is down, clamscan will move on to the next server.

Thanks in advance.

Regards
Brent






_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Hi there,
You'd need to modify the existing clamav-milter, which might be quite
an undertaking if you're not familiar with milters, or perhaps write a
separate milter. I've written a milter which could easily be modified
to do this. I call it 'eXtensible-Milter', XM. At present it doesn't
call clamd at all - clamav-milter does that here. Until now I've had
no particular reason to replace clamav-milter although XM has replaced
half a dozen other milters which were giving me assorted troubles, and
now I use only the two.

The idea of the possibility of a 'clamd farm' is intriguing. If you'd
be interested I can think about adding such functionality to XM.

Hmmm. On reflection, 'easily' might have been an overstatement but at
worst in principle it's easy and it's very doable. :)

XM is written in pure Perl, and at the moment it has only ever been
used with Sendmail. It hasn't been published.
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

We use Linux LVM load balancing to group "many" processing nodes
(currently two, although we've had more on older hardware in the past)
into one logical service. You can then point your clamdscan (or
clamav-milter) callers to the load-balanced IP.

-kgd
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml