Hi Paul, According to _https://docs.clamav.net/faq/faq-eol.html_ , version 102 reached EOL Jan 3, with database downloads no longer permitted.
Dave. On 2022-02-10 10:25, Paul Furnival via clamav-users wrote: > I am running CLAMAV on a number of servers running different linux > distributions and, therefore, different versions of the clamav engine. 2 of > the servers have started to give errors when trying to upload the definition > files. These errors came to light as emails I received, > > In following this through, it would appear that cloudfare is returning an > "Error 1020" which ripples down to CLAMAV as a 403 error. > > Cloudfare say that this error is because the client has contravened a > firewall rule but, as the client, I cannot see what this is so have no idea > how to fix it. > > One test I have carried out is to download the file from another computer on > the same network using the same firewall fro NAT (so the same ip address to > the remote servers) using a web browser and the file downloads OK. This > would suggest that I am not being blocked due to a limit on how many requests > can be delivered from a given IP address > > I have tried to update Clamav but there is no newer package for the > distribution. It is possible (although I can't prove ite) that cloudfare is > checking the user agent and seeing my installation is too old? > > This is the email that warned me of the problem: > =========================================================================== > ERROR: downloadFile: Unexpected response (403) from > database.clamav.net/daily-26440.cdiff > ERROR: getpatch: Can't download daily-26440.cdiff from > database.clamav.net/daily-26440.cdiff > ERROR: downloadFile: Unexpected response (403) from > database.clamav.net/daily.cvd > ERROR: getcvd: Can't download daily.cvd from database.clamav.net/daily.cvd > ERROR: Update failed for database: daily > ERROR: Database update process failed: HTTP GET failed (11) > ERROR: Update failed. > =========================================================================== > > > > and this is the output from freshclam --debug --verbose > =========================================================================== > ClamAV update process started at Thu Feb 10 15:21:42 2022 > Current working dir is /var/lib/clamav/ > Querying current.cvd.clamav.net > TTL: 587 > fc_dns_query_update_info: Software version from DNS: 0.103.5 > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.102.4 Recommended version: 0.103.5 > DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav > Current working dir is /var/lib/clamav/ > check_for_new_database_version: No local copy of "daily" database. > query_remote_database_version: daily.cvd version from DNS: 26449 > daily database available for download (remote version: 26449) > Retrieving https://database.clamav.net/daily.cvd > downloadFile: Download source: https://database.clamav.net/daily.cvd > downloadFile: Download destination: > /var/lib/clamav/tmp.d974a/clamav-57c27d81b66a259b02e9dc00177a1f51.tmp > * About to connect() to database.clamav.net port 443 (#0) > * Trying 104.16.218.84... > * Connected to database.clamav.net (104.16.218.84) port 443 (#0) > * Initializing NSS with certpath: sql:/etc/pki/nssdb > * CAfile: /etc/pki/tls/certs/ca-bundle.crt > CApath: none > * SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 > * Server certificate: > * subject: CN=sni.cloudflaressl.com,O="Cloudflare, Inc.",L=San > Francisco,ST=California,C=US > * start date: Jul 15 00:00:00 2021 GMT > * expire date: Jul 14 23:59:59 2022 GMT > * common name: sni.cloudflaressl.com > * issuer: CN=Cloudflare Inc ECC CA-3,O="Cloudflare, Inc.",C=US >> GET /daily.cvd HTTP/1.1 > User-Agent: ClamAV/0.102.4 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) > Host: database.clamav.net > Accept: */* > Connection: close > > < HTTP/1.1 403 Forbidden > < Date: Thu, 10 Feb 2022 15:21:42 GMT > < Content-Type: text/plain; charset=UTF-8 > < Content-Length: 16 > < Connection: close > < X-Frame-Options: SAMEORIGIN > < Referrer-Policy: same-origin > < Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, > post-check=0, pre-check=0 > < Expires: Thu, 01 Jan 1970 00:00:01 GMT > < Expect-CT: max-age=604800, > report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"; > < Strict-Transport-Security: max-age=15552000 > < X-Content-Type-Options: nosniff > < Server: cloudflare > < CF-RAY: 6db6542848e5f3df-LHR > < > Time: 0.3s, ETA: 0.0s [=============================>] 16B/16B > * Closing connection 0 > WARNING: downloadFile: Unexpected response (403) from > https://database.clamav.net/daily.cvd > WARNING: getcvd: Can't download daily.cvd from > https://database.clamav.net/daily.cvd > Trying again in 5 secs... > ====================================================================================================== > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
