[clamav-users] Error 403 downloading virus updates

2022-02-10 Thread Paul Furnival via clamav-users 
I am running CLAMAV on a number of servers running different linux 
distributions and, therefore, different versions of the clamav engine.  2 of 
the servers have started to give errors when trying to upload the definition 
files.  These errors came to light as emails I received,

In following this through, it would appear that cloudfare is returning an 
"Error 1020" which ripples down to CLAMAV as a 403 error.

Cloudfare say that this error is because the client has contravened a firewall 
rule but, as the client, I cannot see what this is so have no idea how to fix 
it.

One test I have carried out is to download the file from another computer on 
the same network using the same firewall fro NAT (so the same ip address to the 
remote servers) using a web browser and the file downloads OK.  This would 
suggest that I am not being blocked due to a limit on how many requests can be 
delivered from a given IP address

I have tried to update Clamav but there is no newer package for the 
distribution.  It is possible (although I can't prove ite) that cloudfare is 
checking the user agent and seeing my installation is too old?

This is the email that warned me of the problem:
===
ERROR: downloadFile: Unexpected response (403) from 
database.clamav.net/daily-26440.cdiff
ERROR: getpatch: Can't download daily-26440.cdiff from 
database.clamav.net/daily-26440.cdiff
ERROR: downloadFile: Unexpected response (403) from 
database.clamav.net/daily.cvd
ERROR: getcvd: Can't download daily.cvd from database.clamav.net/daily.cvd
ERROR: Update failed for database: daily
ERROR: Database update process failed: HTTP GET failed (11)
ERROR: Update failed.
===



and this is the output from  freshclam --debug --verbose
===
ClamAV update process started at Thu Feb 10 15:21:42 2022
Current working dir is /var/lib/clamav/
Querying current.cvd.clamav.net
TTL: 587
fc_dns_query_update_info: Software version from DNS: 0.103.5
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.102.4 Recommended version: 0.103.5
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Current working dir is /var/lib/clamav/
check_for_new_database_version: No local copy of "daily" database.
query_remote_database_version: daily.cvd version from DNS: 26449
daily database available for download (remote version: 26449)
Retrieving https://database.clamav.net/daily.cvd
downloadFile: Download source:  https://database.clamav.net/daily.cvd
downloadFile: Download destination: 
/var/lib/clamav/tmp.d974a/clamav-57c27d81b66a259b02e9dc00177a1f51.tmp
* About to connect() to database.clamav.net port 443 (#0)
*   Trying 104.16.218.84...
* Connected to database.clamav.net (104.16.218.84) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*   subject: CN=sni.cloudflaressl.com,O="Cloudflare, Inc.",L=San 
Francisco,ST=California,C=US
*   start date: Jul 15 00:00:00 2021 GMT
*   expire date: Jul 14 23:59:59 2022 GMT
*   common name: sni.cloudflaressl.com
*   issuer: CN=Cloudflare Inc ECC CA-3,O="Cloudflare, Inc.",C=US
> GET /daily.cvd HTTP/1.1
User-Agent: ClamAV/0.102.4 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Host: database.clamav.net
Accept: */*
Connection: close

< HTTP/1.1 403 Forbidden
< Date: Thu, 10 Feb 2022 15:21:42 GMT
< Content-Type: text/plain; charset=UTF-8
< Content-Length: 16
< Connection: close
< X-Frame-Options: SAMEORIGIN
< Referrer-Policy: same-origin
< Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, 
post-check=0, pre-check=0
< Expires: Thu, 01 Jan 1970 00:00:01 GMT
< Expect-CT: max-age=604800, 
report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct;
< Strict-Transport-Security: max-age=15552000
< X-Content-Type-Options: nosniff
< Server: cloudflare
< CF-RAY: 6db6542848e5f3df-LHR
<
Time: 0.3s, ETA: 0.0s [=>] 16B/16B
* Closing connection 0
WARNING: downloadFile: Unexpected response (403) from 
https://database.clamav.net/daily.cvd
WARNING: getcvd: Can't download daily.cvd from 
https://database.clamav.net/daily.cvd
Trying again in 5 secs...
==

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] clamconf not installed by package manager

2021-09-22 Thread Paul Furnival via clamav-users 
I have installed CLAMAV following the documentation and it mentions
creating / checking configuration settings with clamconf.  However,
clamconf has not been installed nor can I see it as a separate
package.
Can anyone please advise how I get this installed.

Thanks




System Info:
==
 No LSB modules are available.
 Distributor ID: Debian
 Description:Debian GNU/Linux 11 (bullseye)
 Release:11
 Codename:   bullseye


Package details:

 Package: clamav
 Version: 0.103.3+dfsg-0+deb11u1
 Priority: optional
 Section: utils
 Maintainer: ClamAV Team 
 Installed-Size: 794 kB


Files the package installed into /usr/bin:
=
 1) clambc
 2) clamscan
 3) clamsubmit
 4) freshclam

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml