On 20/03/2021 17:12, G.W. Haywood via clamav-users wrote:
On 20/03/2021 04:31, Joel Esler (jesler) via clamav-users wrote:
Please check out cvdupdate or Freshclam for your updates. Once or
twice a day to check is fine.
FWIW, running cvdupdate only once or twice a day is a BAD idea.
If you are running a private mirror, then if Freshclam tries to get
the latest CDIFF (according to DNS) from the private mirror ...
My understanding is that if you're using a private mirror you're supposed
to set the 'PrivateMirror' option, which does not use DNS to check for the
existence of updated files, but checks the files themselves directly.
On 20/03/2021 19:08, Joel Esler (jesler) via clamav-users wrote:
Ged is correct.
I'm sorry, but this is definitively NOT what the website says!
https://www.clamav.net/documents/private-local-mirrors
Option (2) (which is still documented but won't work any more) says "For
this to work you have to change freshclam.conf on each client so that it
reads
PrivateMirror machine1.mylan
ScriptedUpdates no"
This is NOT what we are doing!
Option (3) (using cvdupdate) says: "Set up your Freshclam clients’
freshclam.conf config file to point to:
DatabaseMirror http://machine1.mylan";
So, the cvdupdate method is meant to use 'DatabaseMirror' NOT
'PrivateMirror'
The 'PrivateMirror' option means that Freshclam does not download CDIFF
files at all, but that is how the 'cvdupdate' method expects the clients
to work. Cvdupdate makes CDIFF files available to the mirror 'clients',
just like the normal ClamAV method does. It is designed to be bandwidth
efficient by allowing clients to get the CDIFFs, as opposed to the
'PrivateMirror' method which requires them to get the full CVD file
It works absolutely fine, and wonderfully, as long as the private mirror
is up to date, so cvdupdate needs to be run frequently. It will not
download anything unless the DNS TXT record has updated.
Also, in case of doubt: https://github.com/micahsnyder/cvdupdate says
"You can test it by running freshclam or freshclam.exe locally, where
you've configured freshclam.conf with:
DatabaseMirror http://localhost:8000";
(There is no mention of the 'PrivateMirror' configuration option in the
cvdupdate docs)
--
Paul
--
Paul Smith Computer Services
Tel: 01484 855800
Vat No: GB 685 6987 53
Sign up for news & updates at http://www.pscs.co.uk/go/subscribe
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
