FreshClam and Proxy Settings...

Discussion:

Anthony Presley

2004-04-16 20:20:02 UTC

Hi all --

I've downloaded and installed ClamAV .7 on my server, and it works
really well. All except freshclam, that is.

I've created /etc/freshclam.conf (after copying from the distributed
file and editing), and changed the server and port settings to read:

HTTPProxyServer 192.168.2.4
HTTPProxyPort 3128

Which doesn't appear to work. However, these ARE the settings that the
rest of the network uses, as does the server for reading mail and doing
ftp and http transfers (lynx or links).

I can do an nslookup from the box for the database.clamav.net. However,
when I run freshclam from the command line, all I get is:

ClamAV update process started at Fri Apr 16 16:10:47 2004
ERROR: Can't connect to port 80 of host database.clamav.net
(65.75.154.69)
ERROR: Connection with database.clamav.net (IP: 65.75.154.69) failed.
Trying again...
ClamAV update process started at Fri Apr 16 16:13:57 2004

This proceeds onward for some time. However, if I power up links on the
same box, I CAN get to those IP's using those same ports (80?).

I'm not using user based authentication on the proxy, just by IP, which
works well. Lastly .... neither freshclam nor clamscan seem to use the
log files, which are:

-rw------- 1 clamav root 0 Apr 14 15:24 clamd.log
-rw------- 1 clamav root 0 Apr 14 15:23 freshclam.log

Following is my /etc/freshclam.conf file (comments removed):

UpdateLogFile /var/log/freshclam.log
LogVerbose
DatabaseMirror database.clamav.net
MaxAttempts 3
Checks 12
HTTPProxyServer 192.168.2.4
HTTPProxyPort 3128

What do I need to do to get this to work?

Thanks.

--Anthony

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

Tomasz Kojm

2004-04-19 00:13:43 UTC

Permalink

On Fri, 16 Apr 2004 15:20:02 -0500

Post by Anthony Presley
Hi all --
I've downloaded and installed ClamAV .7 on my server, and it works
really well. All except freshclam, that is.
I've created /etc/freshclam.conf (after copying from the distributed
HTTPProxyServer 192.168.2.4

Please try to use a hostname instead of the IP of your PROXY server.

--
oo ..... Tomasz Kojm <***@clamav.net>
(\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
\..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Mon Apr 19 02:12:44 CEST 2004

Nigel Horne

2004-04-19 07:50:23 UTC

Permalink

Post by Tomasz Kojm

Post by Anthony Presley
HTTPProxyServer 192.168.2.4

Please try to use a hostname instead of the IP of your PROXY server.

IP should work, it does for me...

Post by Tomasz Kojm
I've created /etc/freshclam.conf (after copying from the distributed

When running configure what did you put in as the --prefix argument? It
is possible that freshclam is reading /usr/local/etc/freshclam.conf

-Nigel
--
Nigel Horne. Arranger, Composer, Typesetter.
NJH Music, Barnsley, UK. ICQ#20252325
***@despammed.com http://www.bandsman.co.uk

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

Anthony Presley

2004-04-19 12:02:05 UTC

Permalink

Post by Nigel Horne

Post by Tomasz Kojm

Post by Anthony Presley
HTTPProxyServer 192.168.2.4

Please try to use a hostname instead of the IP of your PROXY server.

IP should work, it does for me...

That was my thoughts ...

Post by Nigel Horne

Post by Tomasz Kojm
I've created /etc/freshclam.conf (after copying from the distributed

When running configure what did you put in as the --prefix argument? It
is possible that freshclam is reading /usr/local/etc/freshclam.conf

I put NOTHING. Which ... you're right. I symlinked
/usr/local/etc/freshclam.conf and it works perfect. Thanks.

--Anthony

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

Anthony Presley

2004-04-19 11:48:14 UTC

Permalink

Post by Tomasz Kojm
On Fri, 16 Apr 2004 15:20:02 -0500

Please try to use a hostname instead of the IP of your PROXY server.

I've tried, with both the hostname, and the complete hostname +
domain-name, ie:

HTTPProxyServer www

AND

HTTPProxyServer www.domainname.com

Same problem.

Any more ideas?

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click

Jo Mills

2004-04-19 12:57:18 UTC

Permalink

Post by Anthony Presley

Post by Tomasz Kojm
On Fri, 16 Apr 2004 15:20:02 -0500

Please try to use a hostname instead of the IP of your PROXY server.

I've tried, with both the hostname, and the complete hostname +
HTTPProxyServer www
AND
HTTPProxyServer www.domainname.com
Same problem.
Any more ideas?

Apologies if I've missed the obvious, but I think it's just a case of
logically breaking down your problem step by step and seeing where
your setup is wrong. Where is your problem; before the proxy, with the
proxy, after it, or a mixture of these?

Possible things you could try:

host www

or similar from your "freshclam" machine to check your DNS works OK to
find your proxy. Can you ping your proxy from the "freshclam" machine
to see if the route is OK? Have you tried

host database.clamav.net

from your freshclam machine, you should see something like:

database.clamav.net CNAME db.local.clamav.net
db.local.clamav.net CNAME db.europe.clamav.net
db.europe.clamav.net A 217.154.108.81
db.europe.clamav.net A 62.210.153.201
db.europe.clamav.net A 80.69.67.3
db.europe.clamav.net A 152.66.249.132
db.europe.clamav.net A 193.1.219.100
db.europe.clamav.net A 193.138.115.108
db.europe.clamav.net A 193.225.86.3
db.europe.clamav.net A 195.70.36.141
db.europe.clamav.net A 212.31.160.239
db.europe.clamav.net A 213.184.16.3
db.europe.clamav.net A 213.203.254.4

Have you tried

traceroute database.clamav.net

from your freshclam machine? I get the following when I try this (but
then we have a vpn to head office so this looks a bit odd to me):

traceroute: Warning: database.clamav.net has multiple addresses; using 193.138.115.108
traceroute to db.europe.clamav.net (193.138.115.108), 30 hops max, 38 byte packets
1 labgw-o (10.100.200.1) 0.364 ms 0.187 ms 0.099 ms
2 httpproxy-l (10.100.130.2) 0.375 ms 0.234 ms 0.183 ms
3 httpproxy-l (10.100.130.2) 0.348 ms 0.398 ms 0.340 ms

Is the HTTPProxyPort is set to something sensible (maybe 8080), and
are the HTTPProxyUsername and HTTPProxyPassword are also correctly set
(or commented out) in freshclam.conf?

Have you tried using the proxy from your "freshclam" machine for
simple web browsing? Do you have a firewall issue? Do you know that
the proxy actually works?

Hope this helps,

Regards,

Jo.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click