Hello @Joel Esler<mailto:[email protected]>, I have gone through the shared link before asking the question. I understood we can create mirror repo using freshclam or cvdupdate. The freshclam sync only cvd and cld files. However, I want use cvdupdate to sync cvd and cdiff (patch) files. That’s why questions was around cvdupdate. As per the documentation, I believe that cvdupdate does not allow to customize the database URL and skip dns.txt file. Please let me know I had missed anything.
Thanks, Atish Khedkar From: Joel Esler <[email protected]> Sent: Thursday, July 24, 2025 9:59 PM To: ClamAV users ML <[email protected]> Cc: Brendan Bell (brebell) <[email protected]>; Khedkar, Atish <[email protected]> Subject: [EXTERNAL] Re: [clamav-users] Need help on clamav database mirroring. Atish — Have you read Brendan’s link? Hosting a Private Database Mirror - ClamAV Documentation<https://urldefense.com/v3/__https:/docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting*20DatabaseMirror*use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror__;JSM!!PEZBYkTc!fv0qpaOkADJAc-XSube9I8s9-tS0ZsMzgoMDtLCgooRDg8qC2xpBeHWlV3RINMLaXW9244BlcWB_OAG0Jg$> docs.clamav.net<https://urldefense.com/v3/__https:/docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting*20DatabaseMirror*use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror__;JSM!!PEZBYkTc!fv0qpaOkADJAc-XSube9I8s9-tS0ZsMzgoMDtLCgooRDg8qC2xpBeHWlV3RINMLaXW9244BlcWB_OAG0Jg$> [cid:[email protected]]<https://urldefense.com/v3/__https:/docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting*20DatabaseMirror*use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror__;JSM!!PEZBYkTc!fv0qpaOkADJAc-XSube9I8s9-tS0ZsMzgoMDtLCgooRDg8qC2xpBeHWlV3RINMLaXW9244BlcWB_OAG0Jg$> How to set up a private mirror is all documented there. On Jul 24, 2025, at 01:45, Khedkar, Atish via clamav-users <[email protected]<mailto:[email protected]>> wrote: Thanks @Brendan Bell (brebell)<mailto:[email protected]> for your help. I have understood the client side freshclam configuration. I had questions regarding cvdupdate application. 1. How to set custom target database URL instead of https://database.clamav.net<https://urldefense.com/v3/__https:/database.clamav.net__;!!PEZBYkTc!aCVJ9EUumSmnWXgWa3QcXdEIj__rMfsN7kcesIJJ_gDXRLhFODaxn6-TbaJOSxW8qCUBc4qycw9D_vxB$>? 2. How to skip dns.txt download? We don’t want to host a DNS database info server. It will be private database mirror repo. Thanks, Atish Khedkar From: Brendan Bell (brebell) <[email protected]<mailto:[email protected]>> Sent: Tuesday, July 22, 2025 10:37 PM To: [email protected]<mailto:[email protected]> Cc: Khedkar, Atish <[email protected]<mailto:[email protected]>> Subject: [EXTERNAL] Re: Need help on clamav database mirroring. Hello Atish, Apologies for the delay. If I have correctly understood you question I believe you may want to look into the following solutions. 1. Try setting DatabaseMirror in freshclam.conf to point at their primary node. A little more detail can be found here: https://docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting%20DatabaseMirror#use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror<https://urldefense.com/v3/__https:/docs.clamav.net/appendix/CvdPrivateMirror.html?highlight=setting*20DatabaseMirror*use-cvdupdate-to-serve-whole-databases-and-database-patch-files-from-a-private-mirror__;JSM!!PEZBYkTc!aCVJ9EUumSmnWXgWa3QcXdEIj__rMfsN7kcesIJJ_gDXRLhFODaxn6-TbaJOSxW8qCUBc4qyc6N8Kf_N$> 2. We always recommend updating to the newest available version to get the latest security fixes. Currently 1.0.9 or 1.4.3 are the recommended versions. You can ignore dns.txt unless you are looking to host a DNS database info server. As long as you keep your private mirror updating at least every 24 hours you don't need to host a DNS database server. There is nothing specific you need to do to support different clamav client versions in your deployment. It is best to upgrade older clients to ones supported versions in order to get the latest security fixes. Right now these are 1.0.9 or 1.4.3. You can ignore dns.txt unless you wish to host a DNS database info server. You don't need to, so long as you keep your private mirror relatively up to date (updating at least every 24 hours). ________________________________ From: clamav-users <[email protected]<mailto:[email protected]>> on behalf of Khedkar, Atish via clamav-users <[email protected]<mailto:[email protected]>> Sent: Wednesday, July 16, 2025 11:48 AM To: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> Cc: Khedkar, Atish <[email protected]<mailto:[email protected]>> Subject: [clamav-users] Need help on clamav database mirroring. Hello Team, There are multiple clamav (along with freshclam) nodes are deployed in our Cloud Data Center. These clamav nodes are directly connecting to public clamav database. That causes the connect rate limit on this CDN as expected. The deployed clamav nodes can be on various version (ranging from 0.104 to 1.4.0) As mentioned in clamav FAQ, we are setting up private mirror repository as shown below in attached image. Following is our thought: 1. Set up a multi-pod ClamAV mirror repository architecture with a primary/secondary model. * The primary node which runs cvd update every 6 hours and stores .cvd, .cdiff, .cld, dns.txt etc. * The secondary node using cvd update should sync data from primary node. 1. Primary and Secondary nodes should maintain patches cdiff files also. Based on above requirement, I have following question: 1. How to set custom target database URL instead of https://database.clamav.net<https://urldefense.com/v3/__https:/database.clamav.net__;!!PEZBYkTc!aCVJ9EUumSmnWXgWa3QcXdEIj__rMfsN7kcesIJJ_gDXRLhFODaxn6-TbaJOSxW8qCUBc4qycw9D_vxB$>? In my case, how can I pass my primary repo URL? 2. If my client clamav version is ranging from 0.104 to 1.4.0 then what thing I need to take care in mirror repository? Any thing related to dns.txt? Thanks, Atish Khedkar _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users<https://urldefense.com/v3/__https:/lists.clamav.net/mailman/listinfo/clamav-users__;!!PEZBYkTc!fv0qpaOkADJAc-XSube9I8s9-tS0ZsMzgoMDtLCgooRDg8qC2xpBeHWlV3RINMLaXW9244BlcWD9eGB2bA$> Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation<https://urldefense.com/v3/__https:/github.com/Cisco-Talos/clamav-documentation__;!!PEZBYkTc!fv0qpaOkADJAc-XSube9I8s9-tS0ZsMzgoMDtLCgooRDg8qC2xpBeHWlV3RINMLaXW9244BlcWCwxhHI8Q$> https://docs.clamav.net/#mailing-lists-and-chat<https://urldefense.com/v3/__https:/docs.clamav.net/*mailing-lists-and-chat__;Iw!!PEZBYkTc!fv0qpaOkADJAc-XSube9I8s9-tS0ZsMzgoMDtLCgooRDg8qC2xpBeHWlV3RINMLaXW9244BlcWA2v9hXtA$>
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
