-
andrehj
- Getting the hang of things
- Posts: 60
- Joined: Sat Oct 10, 2009 8:59 pm
Clamav Antivirus: «Update failed»
Last week I decided it was be time to enable the antivirus of my QNAP TS-119 P II. However, it won’t update. Immediately after pressing the «Update now» button in the Web interface, I get an «Update failed» status. Automatic scheduled updates don’t work either, result in error messages in my log.
When I did the same on my other QNAP (a TS-119, 200 km away), it updated fine. So I copied all the files from that NAS’s folder /share/HDA_DATA/.antivirus/usr to my local NAS to solve the problem. Now my virus definitions are up to date, but it still refuses to update.
Firmware of both QNAPs is 4.1.2 , 2015/01/26
From a different thread I saw that I should run
[~] # /etc/init.d/antivirus.sh update_db
But this didn’t give any output, it immediately returned to the prompt:
[~] #
Now I’m out of options…
How do I solve this problem?
-
P3R
- Guru
- Posts: 13053
- Joined: Sat Dec 29, 2007 1:39 am
- Location: Stockholm, Sweden (UTC+01:00)
Re: Clamav Antivirus: «Update failed»
Post
by P3R » Sun Feb 08, 2015 7:57 am
Have you verified that you have internet connectivity from the NAS in question?
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!
A non-RAID configuration (including RAID 0, which isn’t really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It’s your money and your data, spend the storage budget wisely or pay with your data!
-
andrehj
- Getting the hang of things
- Posts: 60
- Joined: Sat Oct 10, 2009 8:59 pm
Re: Clamav Antivirus: «Update failed»
Post
by andrehj » Sun Feb 08, 2015 7:41 pm
Yes, all other things work fine, it can download my torrents, find updates for apps and firmware on the internet, and runs backups to my remote server. So the internet connection is not the problem.
-
P3R
- Guru
- Posts: 13053
- Joined: Sat Dec 29, 2007 1:39 am
- Location: Stockholm, Sweden (UTC+01:00)
Re: Clamav Antivirus: «Update failed»
Post
by P3R » Mon Feb 09, 2015 12:11 am
andrehj wrote:Yes, all other things work fine, it can download my torrents, find updates for apps and firmware on the internet, and runs backups to my remote server. So the internet connection is not the problem.
Torrents and your backup probably don’t use external DNS. Updates may or may not use DNS but have you verified that DNS works from within the NAS?
Any outgoing filtering happening in the firewall/router?
RAID have never ever been a replacement for backups. Without backups on a different system (preferably placed at another site), you will eventually lose data!
A non-RAID configuration (including RAID 0, which isn’t really RAID) with a backup on a separate media protects your data far better than any RAID-volume without backup.
All data storage consists of both the primary storage and the backups. It’s your money and your data, spend the storage budget wisely or pay with your data!
-
Toxic17
- Ask me anything
- Posts: 6432
- Joined: Tue Jan 25, 2011 11:41 pm
- Location: Planet Earth
- Contact:
Re: Clamav Antivirus: «Update failed»
Post
by Toxic17 » Mon Feb 09, 2015 12:21 am
clamav daemon and clamscan reside here:
/usr/local/bin/
/usr/local/bin/clamscan —help
/usr/local/bin/clamd —help
see if you can find anything of use with those two commands and parameters.
-
andrehj
- Getting the hang of things
- Posts: 60
- Joined: Sat Oct 10, 2009 8:59 pm
Re: Clamav Antivirus: «Update failed»
Post
by andrehj » Mon Feb 09, 2015 5:00 am
P3R wrote:
andrehj wrote:Yes, all other things work fine, it can download my torrents, find updates for apps and firmware on the internet, and runs backups to my remote server. So the internet connection is not the problem.
Torrents and your backup probably don’t use external DNS. Updates may or may not use DNS but have you verified that DNS works from within the NAS?
Any outgoing filtering happening in the firewall/router?
Thanks for your suggestions. Regarding DNS, I do not exactly understand what you mean, but I hope you mean that it can use DNS to translate IP-names to IP-addresses. So I tried to ping google.com:
Code: Select all
[~] # ping google.com
PING google.com (85.113.229.176): 56 data bytes
64 bytes from 85.113.229.176: icmp_seq=0 ttl=58 time=4.0 ms
64 bytes from 85.113.229.176: icmp_seq=1 ttl=58 time=3.3 ms
64 bytes from 85.113.229.176: icmp_seq=2 ttl=58 time=3.4 ms
64 bytes from 85.113.229.176: icmp_seq=3 ttl=58 time=3.3 ms
64 bytes from 85.113.229.176: icmp_seq=4 ttl=58 time=4.1 ms
64 bytes from 85.113.229.176: icmp_seq=5 ttl=58 time=4.8 ms
64 bytes from 85.113.229.176: icmp_seq=6 ttl=58 time=3.3 ms
^C
--- google.com ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max = 3.3/3.7/4.8 ms
I think that looks OK (and quite fast, thanks to my fiber connection).
Regarding firewall: The NAS has no specific firewall settings. The only things I set for my NAS in my router (an AVM Fritzbox 7390) is some port forwarding and a fixed IP address.
-
andrehj
- Getting the hang of things
- Posts: 60
- Joined: Sat Oct 10, 2009 8:59 pm
Re: Clamav Antivirus: «Update failed»
Post
by andrehj » Mon Feb 09, 2015 5:09 am
Toxic17 wrote:clamav daemon and clamscan reside here:
/usr/local/bin/
/usr/local/bin/clamscan —help
/usr/local/bin/clamd —help
see if you can find anything of use with those two commands and parameters.
Hi Simon,
Thanks for your help. Here’s the result:
Code: Select all
[~] # cd /usr/local/bin/
[/usr/local/bin] # clamscan --help
-sh: clamscan: command not found
[/usr/local/bin] # clamd --help
ERROR: This tool requires libclamav with functionality level 77 or higher (current f-level: 64)
[/usr/local/bin] #
It looks like there is something missing. Tomorrow I’ll try to fix this (with the help of another QNAP, which has a working virus scanner).
-
schumaku
- Guru
- Posts: 43648
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland — Skype: schumaku
- Contact:
Re: Clamav Antivirus: «Update failed»
Post
by schumaku » Mon Feb 09, 2015 6:33 am
On a similar generation TS-x19 (a TS-419P II — QTS 4.1.2 20150126) clamscan and the clamd (not used by QNAP — they run clamscan by crontab instead) are located in different folders:
[/usr/local/bin] # ls -ls /usr/local/bin/clam*
124 -rwxr-xr-x 1 admin administ 121192 Jan 26 14:59 /usr/local/bin/clamscan*
[/usr/local/bin] # ls -ls /usr/local/sbin/clam*
172 -rwxr-xr-x 1 admin administ 171184 Jan 26 14:59 /usr/local/sbin/clamd*
[/usr/local/bin] # /usr/local/bin/clamscan —version
ClamAV 0.98.4/20043/Sat Feb 7 21:53:32 2015
[/usr/local/bin] # /usr/local/sbin/clamd —version
ERROR: Please edit the example config file /etc/config/clamd.conf
ERROR: Can’t open/parse the config file /etc/config/clamd.conf
[/usr/local/bin] # find / -name libclam*
/mnt/ext/usr/lib/libclamunrar.so.6.1.23
/mnt/ext/usr/lib/libclamunrar.so
/mnt/ext/usr/lib/libclamunrar_iface.so.6
/mnt/ext/usr/lib/libclamav.so.6.1.23
/mnt/ext/usr/lib/libclamav.so
/mnt/ext/usr/lib/libclamunrar_iface.so.6.1.23
/mnt/ext/usr/lib/libclamav.so.6
/mnt/ext/usr/lib/libclamunrar_iface.so
/mnt/ext/usr/lib/libclamunrar.so.6
/share/MD0_DATA/.antivirus/usr/lib/libclamav.so.6.1.23
ClamAV was updated with a recent 4.1.2 build, the library mismach tells me the NAS in question was only partially updated.
-
andrehj
- Getting the hang of things
- Posts: 60
- Joined: Sat Oct 10, 2009 8:59 pm
Re: Clamav Antivirus: «Update failed»
Post
by andrehj » Tue Feb 10, 2015 3:03 am
Hm, it seems like I fixed it:
I copied all the clamav data from my other QNAP from the following folders:
/share/HDA_DATA/.antivirus/usr
/mnt/ext/usr/lib (fixed and renamed the links).
Then I could enable antivirus and it updated itself! Now my Update button in the web interface also works.
Thanks everyone for your help.
-
mrhyde1971
- Starting out
- Posts: 16
- Joined: Thu Apr 25, 2013 10:02 pm
Re: Clamav Antivirus:
Post
by mrhyde1971 » Tue Feb 10, 2015 6:24 pm
I had similar problem with QNAP TS-451.
In my case I understood that the problem was due to the timeout value too low in the following lines in file /etc/init.d/antivirus.sh
Code: Select all
dbgprintf " /sbin/curl --connect-timeout 10 -I $db_test_url"
/sbin/curl --connect-timeout 10 -I $db_test_url 1>>/dev/null 2>>/dev/null
To solve this I simply modified the file as follows:
Code: Select all
--- antivirus.sh.ORIGINAL 2015-02-10 11:10:22.293609090 +0100
+++ antivirus.sh 2015-02-10 11:12:11.774602062 +0100
@@ -16,6 +16,7 @@
CRONTAB="/etc/config/crontab"
TEMP_CRONTAB="/tmp/crontab"
ISO_CONF="/etc/config/iso_share_mapping"
+CONNECT_TIMEOUT=30
VOLUME=`/sbin/getcfg Public path -f /etc/config/smb.conf | cut -d '/' -f 3`
ANTIVIRUS_FOLDER="/share/$VOLUME/.antivirus"
@@ -826,8 +827,8 @@
/usr/bin/crontab $CRONTAB
else
#check DB URL
- dbgprintf " /sbin/curl --connect-timeout 10 -I $db_test_url"
- /sbin/curl --connect-timeout 10 -I $db_test_url 1>>/dev/null 2>>/dev/null
+ dbgprintf " /sbin/curl --connect-timeout $CONNECT_TIMEOUT -I $db_test_url"
+ /sbin/curl --connect-timeout $CONNECT_TIMEOUT -I $db_test_url 1>>/dev/null 2>>/dev/null
if [ $? != 0 ]; then
dbgprintf " /sbin/setcfg Antivirus AntivirusStatus 5 -f $ANTIVIRUS_CONFIG (fail)"
/sbin/setcfg "Antivirus" "AntivirusStatus" "5" -f "$ANTIVIRUS_CONFIG"
In other words: I simply added the variable «CONNECT_TIMEOUT» with value 30 and then I used that variable to call curl.
Bye,
Mr Hyde
Tue Mar 22 09:20:16 2022 -> *Current working dir is /var/lib/clamav/
Tue Mar 22 09:20:16 2022 -> *Loaded freshclam.dat:
Tue Mar 22 09:20:16 2022 -> * version: 1
Tue Mar 22 09:20:16 2022 -> * uuid: dd0512fc—399b—46af—8bd3—3ef86b3a37d6
Tue Mar 22 09:20:16 2022 -> ClamAV update process started at Tue Mar 22 09:20:16 2022
Tue Mar 22 09:20:16 2022 -> *Current working dir is /var/lib/clamav/
Tue Mar 22 09:20:16 2022 -> ^DNS Update Info disabled. Falling back to HTTP mode.
Tue Mar 22 09:20:16 2022 -> *Current working dir is /var/lib/clamav/
Tue Mar 22 09:20:16 2022 -> *check_for_new_database_version: Local copy of daily found: daily.cvd.
Tue Mar 22 09:20:16 2022 -> Trying to retrieve CVD header from http://clmvupd.deltamoby.ru/daily.cld
* Trying 88.84.222.213:80…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 80 (#0)
> GET /daily.cld HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 21 Mar 2022 08:28:19 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Location: https://clmvupd.deltamoby.ru/daily.cld
< Content—Length: 246
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 0
* Issue another request to this URL: ‘https://clmvupd.deltamoby.ru/daily.cld’
* Trying 88.84.222.213:443…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca—certificates.crt
* CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE—RSA—AES256—GCM—SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=clmvupd.deltamoby.ru
* start date: Mar 22 05:06:49 2022 GMT
* expire date: Jun 20 05:06:48 2022 GMT
* subjectAltName: host «clmvupd.deltamoby.ru» matched cert‘s «clmvupd.deltamoby.ru»
* issuer: C=US; O=Let’s Encrypt; CN=R3
* SSL certificate verify ok.
> GET /daily.cld HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 21 Mar 2022 08:28:19 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Content—Length: 196
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 1
Tue Mar 22 09:20:16 2022 -> ^remote_cvdhead: file not found: http://clmvupd.deltamoby.ru/daily.cld
Tue Mar 22 09:20:16 2022 -> Trying to retrieve CVD header from http://clmvupd.deltamoby.ru/daily.cvd
* Trying 88.84.222.213:80…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 80 (#0)
> GET /daily.cvd HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 21 Mar 2022 08:28:19 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Location: https://clmvupd.deltamoby.ru/daily.cvd
< Content—Length: 246
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 0
* Issue another request to this URL: ‘https://clmvupd.deltamoby.ru/daily.cvd’
* Trying 88.84.222.213:443…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca—certificates.crt
* CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE—RSA—AES256—GCM—SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=clmvupd.deltamoby.ru
* start date: Mar 22 05:06:49 2022 GMT
* expire date: Jun 20 05:06:48 2022 GMT
* subjectAltName: host «clmvupd.deltamoby.ru» matched cert‘s «clmvupd.deltamoby.ru»
* issuer: C=US; O=Let’s Encrypt; CN=R3
* SSL certificate verify ok.
> GET /daily.cvd HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 21 Mar 2022 08:28:19 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 206 Partial Content
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Last—Modified: Tue, 22 Mar 2022 05:51:55 GMT
< ETag: «3765084-5dac835e045da»
< Accept—Ranges: bytes
< Content—Length: 512
< Content—Range: bytes 0—511/58085508
< Connection: close
<
* Closing connection 1
Tue Mar 22 09:20:16 2022 -> OK
Tue Mar 22 09:20:16 2022 -> *daily database version obtained using HTTP GET: 26488
Tue Mar 22 09:20:16 2022 -> daily.cvd database is up—to—date (version: 26488, sigs: 1976522, f—level: 90, builder: raynman)
Tue Mar 22 09:20:16 2022 -> *fc_update_database: daily.cvd already up—to—date.
Tue Mar 22 09:20:16 2022 -> *Current working dir is /var/lib/clamav/
Tue Mar 22 09:20:16 2022 -> *check_for_new_database_version: Local copy of main found: main.cvd.
Tue Mar 22 09:20:16 2022 -> Trying to retrieve CVD header from http://clmvupd.deltamoby.ru/main.cld
* Trying 88.84.222.213:80…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 80 (#0)
> GET /main.cld HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Thu, 16 Sep 2021 12:32:42 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Location: https://clmvupd.deltamoby.ru/main.cld
< Content—Length: 245
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 0
* Issue another request to this URL: ‘https://clmvupd.deltamoby.ru/main.cld’
* Trying 88.84.222.213:443…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca—certificates.crt
* CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE—RSA—AES256—GCM—SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=clmvupd.deltamoby.ru
* start date: Mar 22 05:06:49 2022 GMT
* expire date: Jun 20 05:06:48 2022 GMT
* subjectAltName: host «clmvupd.deltamoby.ru» matched cert‘s «clmvupd.deltamoby.ru»
* issuer: C=US; O=Let’s Encrypt; CN=R3
* SSL certificate verify ok.
> GET /main.cld HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Thu, 16 Sep 2021 12:32:42 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Content—Length: 196
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 1
Tue Mar 22 09:20:16 2022 -> ^remote_cvdhead: file not found: http://clmvupd.deltamoby.ru/main.cld
Tue Mar 22 09:20:16 2022 -> Trying to retrieve CVD header from http://clmvupd.deltamoby.ru/main.cvd
* Trying 88.84.222.213:80…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 80 (#0)
> GET /main.cvd HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Thu, 16 Sep 2021 12:32:42 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Location: https://clmvupd.deltamoby.ru/main.cvd
< Content—Length: 245
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 0
* Issue another request to this URL: ‘https://clmvupd.deltamoby.ru/main.cvd’
* Trying 88.84.222.213:443…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca—certificates.crt
* CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE—RSA—AES256—GCM—SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=clmvupd.deltamoby.ru
* start date: Mar 22 05:06:49 2022 GMT
* expire date: Jun 20 05:06:48 2022 GMT
* subjectAltName: host «clmvupd.deltamoby.ru» matched cert‘s «clmvupd.deltamoby.ru»
* issuer: C=US; O=Let’s Encrypt; CN=R3
* SSL certificate verify ok.
> GET /main.cvd HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Thu, 16 Sep 2021 12:32:42 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 206 Partial Content
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Last—Modified: Tue, 22 Mar 2022 05:51:56 GMT
< ETag: «a2950ad-5dac835e5859b»
< Accept—Ranges: bytes
< Content—Length: 512
< Content—Range: bytes 0—511/170479789
< Connection: close
<
* Closing connection 1
Tue Mar 22 09:20:16 2022 -> OK
Tue Mar 22 09:20:16 2022 -> *main database version obtained using HTTP GET: 62
Tue Mar 22 09:20:16 2022 -> main.cvd database is up—to—date (version: 62, sigs: 6647427, f—level: 90, builder: sigmgr)
Tue Mar 22 09:20:16 2022 -> *fc_update_database: main.cvd already up—to—date.
Tue Mar 22 09:20:16 2022 -> *Current working dir is /var/lib/clamav/
Tue Mar 22 09:20:16 2022 -> *check_for_new_database_version: Local copy of bytecode found: bytecode.cld.
Tue Mar 22 09:20:16 2022 -> Trying to retrieve CVD header from http://clmvupd.deltamoby.ru/bytecode.cld
* Trying 88.84.222.213:80…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 80 (#0)
> GET /bytecode.cld HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 08 Mar 2021 15:21:51 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Location: https://clmvupd.deltamoby.ru/bytecode.cld
< Content—Length: 249
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 0
* Issue another request to this URL: ‘https://clmvupd.deltamoby.ru/bytecode.cld’
* Trying 88.84.222.213:443…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca—certificates.crt
* CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE—RSA—AES256—GCM—SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=clmvupd.deltamoby.ru
* start date: Mar 22 05:06:49 2022 GMT
* expire date: Jun 20 05:06:48 2022 GMT
* subjectAltName: host «clmvupd.deltamoby.ru» matched cert‘s «clmvupd.deltamoby.ru»
* issuer: C=US; O=Let’s Encrypt; CN=R3
* SSL certificate verify ok.
> GET /bytecode.cld HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 08 Mar 2021 15:21:51 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Content—Length: 196
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 1
Tue Mar 22 09:20:16 2022 -> ^remote_cvdhead: file not found: http://clmvupd.deltamoby.ru/bytecode.cld
Tue Mar 22 09:20:16 2022 -> Trying to retrieve CVD header from http://clmvupd.deltamoby.ru/bytecode.cvd
* Trying 88.84.222.213:80…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 80 (#0)
> GET /bytecode.cvd HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 08 Mar 2021 15:21:51 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Location: https://clmvupd.deltamoby.ru/bytecode.cvd
< Content—Length: 249
< Connection: close
< Content—Type: text/html; charset=iso-8859-1
<
* Closing connection 0
* Issue another request to this URL: ‘https://clmvupd.deltamoby.ru/bytecode.cvd’
* Trying 88.84.222.213:443…
* Connected to clmvupd.deltamoby.ru (88.84.222.213) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca—certificates.crt
* CApath: /etc/ssl/certs
* SSL connection using TLSv1.2 / ECDHE—RSA—AES256—GCM—SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=clmvupd.deltamoby.ru
* start date: Mar 22 05:06:49 2022 GMT
* expire date: Jun 20 05:06:48 2022 GMT
* subjectAltName: host «clmvupd.deltamoby.ru» matched cert‘s «clmvupd.deltamoby.ru»
* issuer: C=US; O=Let’s Encrypt; CN=R3
* SSL certificate verify ok.
> GET /bytecode.cvd HTTP/1.1
Host: clmvupd.deltamoby.ru
Range: bytes=0—511
User—Agent: ClamAV/0.104.1 (OS: Linux, ARCH: x86_64, CPU: x86_64, UUID: dd0512fc—399b—46af—8bd3—3ef86b3a37d6)
Accept: */*
If—Modified—Since: Mon, 08 Mar 2021 15:21:51 GMT
Connection: close
* Mark bundle as not supporting multiuse
< HTTP/1.1 206 Partial Content
< Date: Tue, 22 Mar 2022 06:20:16 GMT
< Server: Apache
< Last—Modified: Tue, 22 Mar 2022 05:59:45 GMT
< ETag: «47b26-5dac851d8ffa7»
< Accept—Ranges: bytes
< Content—Length: 512
< Content—Range: bytes 0—511/293670
< Connection: close
<
* Closing connection 1
Tue Mar 22 09:20:16 2022 -> OK
Tue Mar 22 09:20:16 2022 -> *bytecode database version obtained using HTTP GET: 333
Tue Mar 22 09:20:16 2022 -> bytecode.cld database is up—to—date (version: 333, sigs: 92, f—level: 63, builder: awillia2)
Tue Mar 22 09:20:16 2022 -> *fc_update_database: bytecode.cld already up—to—date.
This topic has been deleted. Only users with topic management privileges can see it.
-
Hi,
I have a Qnap T-253B nas.
On the nas there is an antivirus software Clamav.
Normaly the database should be update on daily basis.
But the updates fails.
Any reason? -
What error is given? Is this pfSense related?
Steve
Хелло!
Как Вы все помните использование антивируса ClamAv на Synology невозможно, тк европейцы заблокировали доступ до сервера обновлений.
Решение. За него большое спасибо надо сказать Александру Linux, чья статья https://bafista.ru/clamav-zablokirovali-i-reshenie-na-synology/, а точнее комментарии под ней натолкнули меня на это решение и + статья https://kb.synology.com/ru-ru/DSM/tutorial/How_to_update_virus_definitions_without_external_network_connection
Итого для ClamAv как приложения:
Надо скачать три файла обновления «*.cvd» с зеркала https://packages.microsoft.com/clamav/
Поместить в доступную Вам папку на сервере, потом зайти по ssh на сервер, ввести sudo -i. далее выполнить команды
cd /var/packages/AntiVirus/target/engine/clamav/var/lib
rm *.cvd
mv /volume1/Downloads/*.cvd .
где volume1/.. — путь куда Вы скачали файлы. Важно не забудбьти последнюю точку в команде mv
Итого для ClamAv внутри почтового сервера:
Надо скачать три файла обновления «*.cvd» с зеркала https://packages.microsoft.com/clamav/
Поместить в доступную Вам папку на сервере, потом зайти по ssh на сервер, ввести sudo -i. далее выполнить команды
cd //volume1/@MailPlus-Server/clamav
rm *.cvd
mv /volume1/Downloads/*.cvd .
где volume1/.. — путь куда Вы скачали файлы. Важно не забудбьти последнюю точку в команде mv
НАЖМИТЕ «обновить вручную» (сразу это не написал, сорри)
Вуаля
16.03.2022, 12:15
#1
Member
Перестал обновляться ClamAV установленный из панели
Перестал обновляться ClamAV установленный из панелиfreshclam выдает в логах ошибки, с 5 марта, скажите пож-та, как исправить проблему?
Wed Mar 16 00:51:18 2022 -> Received signal: wake up
Wed Mar 16 00:51:18 2022 -> ClamAV update process started at Wed Mar 16 00:51:18 2022
Wed Mar 16 00:51:18 2022 -> WARNING: Your ClamAV installation is OUTDATED!
Wed Mar 16 00:51:18 2022 -> WARNING: Local version: 0.103.4 Recommended version: 0.103.5
Wed Mar 16 00:51:18 2022 -> DON’T PANIC! Read https://docs.clamav.net/manual/Installing.html
Wed Mar 16 00:51:18 2022 -> WARNING: Cool-down expired, ok to try again.
Wed Mar 16 00:51:18 2022 -> daily database available for update (local version: 26475, remote version: 26482)
Wed Mar 16 00:51:19 2022 -> WARNING: downloadPatch: Can’t download daily-26476.cdiff from https://database.clamav.net/daily-26476.cdiff
Wed Mar 16 00:51:19 2022 -> WARNING: Incremental update failed, trying to download daily.cvd
Wed Mar 16 00:51:20 2022 -> WARNING: Can’t download daily.cvd from https://database.clamav.net/daily.cvd
Wed Mar 16 00:51:20 2022 -> WARNING: FreshClam received error code 403 from the ClamAV Content Delivery Network (CDN).
Wed Mar 16 00:51:20 2022 -> This could mean several things:
Wed Mar 16 00:51:20 2022 -> 1. You are running an out-of-date version of ClamAV / FreshClam.
Wed Mar 16 00:51:20 2022 -> Ensure you are the most updated version by visiting https://www.clamav.net/downloads
Wed Mar 16 00:51:20 2022 -> 2. Your network is explicitly denied by the FreshClam CDN.
Wed Mar 16 00:51:20 2022 -> In order to rectify this please check that you are:
Wed Mar 16 00:51:20 2022 -> a. Running an up-to-date version of FreshClam
Wed Mar 16 00:51:20 2022 -> b. Running FreshClam no more than once an hour
Wed Mar 16 00:51:20 2022 -> c. If you have checked (a) and (b), please open a ticket at
Wed Mar 16 00:51:20 2022 -> https://github.com/Cisco-Talos/clamav/issues
Wed Mar 16 00:51:20 2022 -> and we will investigate why your network is blocked.
Wed Mar 16 00:51:20 2022 -> WARNING: You are on cool-down until after: 2022-03-17 00:51:20
Wed Mar 16 00:51:20 2022 -> ERROR: Database update process failed: Forbidden; Blocked by CDN
Wed Mar 16 00:51:20 2022 -> ERROR: Update failed.
Wed Mar 16 00:51:20 2022 -> WARNING: FreshClam was forbidden from downloading a database.
Wed Mar 16 00:51:20 2022 -> WARNING: This is fatal. Retrying later won’t help. Exiting now.