Hello!
I got a strange behavior of freshclam
Till the oct 31 everything was ok:
Tue Oct 31 06:31:03 2017 -> --
Tue Oct 31 06:31:03 2017 -> ClamAV update process started at Tue Oct 31
06:31:03 2017
Tue Oct 31 06:31:03 2017 -> main.cvd is up to date (version: 58, sigs: 4566249,
f-level: 60, builder: sigmgr)
Tue Oct 31 06:31:04 2017 -> Downloading daily-24003.cdiff [100%]
Tue Oct 31 06:31:09 2017 -> daily.cld updated (version: 24003, sigs: 1767407,
f-level: 63, builder: neo)
Tue Oct 31 06:31:54 2017 -> Downloading safebrowsing-46596.cdiff [100%]
Tue Oct 31 06:32:16 2017 -> safebrowsing.cld updated (version: 46596, sigs:
3172593, f-level: 63, builder: google)
Tue Oct 31 06:32:16 2017 -> bytecode.cvd is up to date (version: 313, sigs: 73,
f-level: 63, builder: neo)
Tue Oct 31 06:32:24 2017 -> Database updated (9506322 signatures) from
database.clamav.net (IP: 145.58.29.83)
Wed Nov 1 03:16:03 2017 -> --
But:
Wed Nov 1 03:16:03 2017 -> --
Wed Nov 1 03:16:03 2017 -> ClamAV update process started at Wed Nov 1
03:16:03 2017
Wed Nov 1 03:16:03 2017 -> WARNING: DNS record is older than 3 hours.
Wed Nov 1 03:16:03 2017 -> WARNING: Invalid DNS reply. Falling back to HTTP
mode.
Wed Nov 1 03:16:03 2017 -> Reading CVD header (main.cvd): Wed Nov 1 03:16:04
2017 -> OK
Wed Nov 1 03:16:04 2017 -> main.cvd is up to date (version: 58, sigs: 4566249,
f-level: 60, builder: sigmgr)
Wed Nov 1 03:16:04 2017 -> Reading CVD header (daily.cvd): Wed Nov 1 03:16:04
2017 -> OK
Wed Nov 1 03:16:04 2017 -> Downloading daily-24004.cdiff [100%]
Wed Nov 1 03:16:04 2017 -> Downloading daily-24005.cdiff [100%]
Wed Nov 1 03:16:09 2017 -> daily.cld updated (version: 24005, sigs: 1767974,
f-level: 63, builder: neo)
Wed Nov 1 03:16:09 2017 -> Reading CVD header (safebrowsing.cvd): Wed Nov 1
03:16:09 2017 -> OK
Wed Nov 1 03:16:49 2017 -> Downloading safebrowsing-46597.cdiff [100%]
Wed Nov 1 03:17:49 2017 -> Downloading safebrowsing-46598.cdiff [100%]
Wed Nov 1 03:18:11 2017 -> safebrowsing.cld updated (version: 46598, sigs:
3172105, f-level: 63, builder: google)
Wed Nov 1 03:18:11 2017 -> Reading CVD header (bytecode.cvd): Wed Nov 1
03:18:11 2017 -> OK
Wed Nov 1 03:18:11 2017 -> bytecode.cvd is up to date (version: 313, sigs: 73,
f-level: 63, builder: neo)
Wed Nov 1 03:18:19 2017 -> Database updated (9506401 signatures) from
database.clamav.net (IP: 145.58.29.83)
Later manually:
Wed Nov 1 07:16:39 2017 -> --
Wed Nov 1 07:16:39 2017 -> ClamAV update process started at Wed Nov 1
07:16:39 2017
Wed Nov 1 07:16:39 2017 -> WARNING: DNS record is older than 3 hours.
Wed Nov 1 07:16:39 2017 -> WARNING: Invalid DNS reply. Falling back to HTTP
mode.
Wed Nov 1 07:16:39 2017 -> Reading CVD header (main.cvd): Wed Nov 1 07:16:41
2017 -> WARNING: Unknown response from remote server
Wed Nov 1 07:16:41 2017 -> WARNING: Can't read main.cvd header from
database.clamav.net (IP: 194.109.6.97)
Wed Nov 1 07:16:41 2017 -> Trying again in 5 secs...
Wed Nov 1 07:16:46 2017 -> ClamAV update process started at Wed Nov 1
07:16:46 2017
Wed Nov 1 07:16:46 2017 -> WARNING: DNS record is older than 3 hours.
Wed Nov 1 07:16:46 2017 -> WARNING: Invalid DNS reply. Falling back to HTTP
mode.
..
After reading the official mirror-faq i resolve manually:
host -t txt current.cvd.clamav.net
current.cvd.clamav.net descriptive text
"0.99.2:58:24005:1509480502:1:63:46598:313"
I remove all files from the DatabaseDirectory and re-run freshclam:
ClamAV update process started at Wed Nov 1 11:10:13 2017
WARNING: DNS record is older than 3 hours.
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Downloading main.cvd [100%]
main.cvd updated (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Downloading daily.cvd [100%]
daily.cvd updated (version: 24005, sigs: 1767974, f-level: 63, builder: neo)
Downloading safebrowsing.cvd [100%]
safebrowsing.cvd updated (version: 46598, sigs: 3172105, f-level: 63, builder:
google)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 313, sigs: 73, f-level: 63, builder: neo)
Database updated (9506401 signatures) from database.clamav.net (IP:
145.58.29.83)
What's wrong?
--
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml