subject:"\[clamav\-users\] fail updates"

Re: [clamav-users] fail updates

2017-11-07 Thread Simon Mousey Smith

Hi,

Still having a few issues here, even after ' rm -rfv mirrors.dat '

Reading CVD header (main.cvd): WARNING: main.cvd not found on remote server
WARNING: Can't read main.cvd header from db.gb.clamav.net (IP: 193.1.193.64)

WARNING: DNS record is older than 3 hours.
WARNING: Invalid DNS reply. Falling back to HTTP mode.

Regards

Simon

> On 7 Nov 2017, at 00:41, Paul Kosinski  wrote:
> 
> I killed our "mirrors.dat" at 2017-11-06 19:35:35 (EST). It was last
> modified at 2017-11-06 18:06:29 (EST). We'll see what happens.
> 
> Paul Kosinski
> 
> 
> 
> On Mon, 6 Nov 2017 21:21:58 +
> "Joel Esler (jesler)"  wrote:
> 
>> It would be helpful, if, starting now, deleting mirrors.dat and
>> *then* telling us about failing mirrors…. Cause…. We’ve done many
>> changes in the past month, it would be good to start from a clean
>> slate.
>> 
>> 
>> --
>> Joel Esler | Talos: Manager |
>> jes...@cisco.com
> 
>> http://www.clamav.net/contact.html#ml
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Eric Tykwinski

Sort of weird from personal experience, but OVH seems to update better than 
most.  If anyone on OVH is here, feel free to explain.
Just looking at freshclam logs on my local servers running on links with 
L3/Cogent vs OVH I seem to have less issues on the OVH mirrors.
My personal explanation is that I’m getting just what they are receiving, so I 
don’t see all the failures, and they are probably checking at a higher rate 
then my monitoring servers.  This has nothing to do with Clam, but just the 
distribution of updates amongst caching servers.

I’ve never attempted to mirror a local ClamAV update server, but I wouldn’t be 
opposed, as some of my clients are probably downloading updates as well.  But 
my guess is that you are only getting limited by the local request to the 
server.

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300

> On Nov 6, 2017, at 4:45 PM, Al Varnell  wrote:
> 
> On Mon, Nov 06, 2017 at 01:21 PM, Joel Esler (jesler) wrote:
>> It would be helpful, if, starting now, deleting mirrors.dat and *then* 
>> telling us about failing mirrors…. Cause…. We’ve done many changes in the 
>> past month, it would be good to start from a clean slate.
> 
> 
> You might want to consider adding a feature to freshclam to delete 
> mirrors.dat when called for either by DNS or a code in a .cdiff update. That 
> way you could fix it for everybody after mirror configuration maintenance 
> actions.
> 
> -Al-
> -- 
> Al Varnell
> Mountain View, CA
> 
> 
> 
> 
> 
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Paul Kosinski

I killed our "mirrors.dat" at 2017-11-06 19:35:35 (EST). It was last
modified at 2017-11-06 18:06:29 (EST). We'll see what happens.

Paul Kosinski



On Mon, 6 Nov 2017 21:21:58 +
"Joel Esler (jesler)"  wrote:

> It would be helpful, if, starting now, deleting mirrors.dat and
> *then* telling us about failing mirrors…. Cause…. We’ve done many
> changes in the past month, it would be good to start from a clean
> slate.
> 
> 
> --
> Joel Esler | Talos: Manager |
> jes...@cisco.com

> http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Al Varnell

On Mon, Nov 06, 2017 at 01:21 PM, Joel Esler (jesler) wrote:
> It would be helpful, if, starting now, deleting mirrors.dat and *then* 
> telling us about failing mirrors…. Cause…. We’ve done many changes in the 
> past month, it would be good to start from a clean slate.


You might want to consider adding a feature to freshclam to delete mirrors.dat 
when called for either by DNS or a code in a .cdiff update. That way you could 
fix it for everybody after mirror configuration maintenance actions.

-Al-
-- 
Al Varnell
Mountain View, CA







smime.p7s
Description: S/MIME cryptographic signature
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Joel Esler (jesler)

It would be helpful, if, starting now, deleting mirrors.dat and *then* telling 
us about failing mirrors…. Cause…. We’ve done many changes in the past month, 
it would be good to start from a clean slate.


--
Joel Esler | Talos: Manager | jes...@cisco.com






On Nov 6, 2017, at 2:58 PM, Reindl Harald 
mailto:h.rei...@thelounge.net>> wrote:



Am 06.11.2017 um 20:26 schrieb Benny Pedersen:
Dennis Peterson skrev den 2017-11-06 19:43:
Come to think of it, 130.59.10.36 shouldn't even still be in
mirrors.dat and that is part of the systemic problems in the system.
Nothing cleans up stale entries in mirrors.dat except rm -f
mirrors.dat.
yep, its not working well, i see freshclam using ignore hosts from freshclam 
--list-mirrors
and now worse dns seems failing, freshclam says my internet is down, no its not

that's a error message you get always when things are failing, for many years 
but to know that you would need to regulary look and not only when things are 
obvious broken - clamav updates are slightly broken most of the time
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Reindl Harald




Am 06.11.2017 um 20:26 schrieb Benny Pedersen:

Dennis Peterson skrev den 2017-11-06 19:43:

Come to think of it, 130.59.10.36 shouldn't even still be in
mirrors.dat and that is part of the systemic problems in the system.
Nothing cleans up stale entries in mirrors.dat except rm -f
mirrors.dat.


yep, its not working well, i see freshclam using ignore hosts from 
freshclam --list-mirrors


and now worse dns seems failing, freshclam says my internet is down, no 
its not


that's a error message you get always when things are failing, for many 
years but to know that you would need to regulary look and not only when 
things are obvious broken - clamav updates are slightly broken most of 
the time

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Benny Pedersen


Dennis Peterson skrev den 2017-11-06 19:43:

Come to think of it, 130.59.10.36 shouldn't even still be in
mirrors.dat and that is part of the systemic problems in the system.
Nothing cleans up stale entries in mirrors.dat except rm -f
mirrors.dat.


yep, its not working well, i see freshclam using ignore hosts from 
freshclam --list-mirrors


and now worse dns seems failing, freshclam says my internet is down, no 
its not

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Dennis Peterson

Come to think of it, 130.59.10.36 shouldn't even still be in mirrors.dat and 
that is part of the systemic problems in the system. Nothing cleans up stale 
entries in mirrors.dat except rm -f mirrors.dat.


dp

On 11/6/17 9:02 AM, Benny Pedersen wrote:

freshclam --list-mirrors

Mirror #1
IP: 130.59.10.36
Successes: 391
Failures: 97
Last access: Mon Dec 19 00:46:43 2016
Ignore: No
- 


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Paul Kosinski

Here's our latest actual download (subsequent queries showed nothing new).

Note that 204.130.133.50 worked for us (from 66.31.152.192).

Paul

--  Monday 06 November 2017 at 09:06:03 EST  
--

Current working dir is /opt/clamav.d/clamav.0.99.2/share/clamav
Max retries == 4
ClamAV update process started at Mon Nov  6 09:06:03 2017
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1800
Software version from DNS: 0.99.2
main.cvd version from DNS: 58
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: 
sigmgr)
daily.cvd version from DNS: 24019
Retrieving http://db.us.clamav.net/daily.cvd
Ignoring mirror 74.115.25.14 (due to previous errors)
Ignoring mirror 104.131.196.175 (due to previous errors)
Ignoring mirror 128.199.133.36 (due to previous errors)
Ignoring mirror 12.167.151.1 (due to previous errors)
Ignoring mirror 155.98.64.87 (due to previous errors)
Ignoring mirror 194.8.197.22 (due to previous errors)
Using ip '10.11.14.160' for fetching.
Trying to download http://db.us.clamav.net/daily.cvd (IP: 204.130.133.50)
Downloading daily.cvd [100%]
Loading signatures from daily.cvd
Properly loaded 1772419 signatures from new daily.cvd
daily.cvd updated (version: 24019, sigs: 1772419, f-level: 63, builder: neo)
Querying daily.24019.82.1.0.CC828532.ping.clamav.net
bytecode.cvd version from DNS: 316
bytecode.cvd is up to date (version: 316, sigs: 75, f-level: 63, builder: 
raynman)
Database updated (6338743 signatures) from db.us.clamav.net (IP: 204.130.133.50)
OnUpdateExecute: EXIT_1

--  Monday 06 November 2017 at 09:11:10 EST  
--

On Mon, 6 Nov 2017 09:15:24 -0800
Dennis Peterson  wrote:

> Your report includes mirrors that should be ignored based on last
> access. I built a list of current mirrors from freshclam logs that go
> back only to August.
> 
> grep -h Ignoring freshclam* |grep -v Reading |awk '{print $9}' |sort
> |uniq -c |sort -rn
> 
> The result is an easy to understand (if not jaw dropping) summary -
> number of times seen and the IP:
>      387 128.199.133.36
>      372 104.131.196.175
>      292 12.167.151.1
>      288 74.115.25.14
>      282 204.130.133.50
>      282 194.8.197.22
>      268 155.98.64.87
>      245 69.12.162.28
>      233 72.21.91.8
>      220 198.148.78.4
> 
> Even if these mirrors are healthy there is still a serious underlying
> systemic problem.
> 
> dp
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

2017-11-06 Thread Dennis Peterson

Your report includes mirrors that should be ignored based on last access. I 
built a list of current mirrors from freshclam logs that go back only to August.


grep -h Ignoring freshclam* |grep -v Reading |awk '{print $9}' |sort |uniq -c 
|sort -rn


The result is an easy to understand (if not jaw dropping) summary - number of 
times seen and the IP:

    387 128.199.133.36
    372 104.131.196.175
    292 12.167.151.1
    288 74.115.25.14
    282 204.130.133.50
    282 194.8.197.22
    268 155.98.64.87
    245 69.12.162.28
    233 72.21.91.8
    220 198.148.78.4

Even if these mirrors are healthy there is still a serious underlying systemic 
problem.


dp

On 11/6/17 9:02 AM, Benny Pedersen wrote:

freshclam --list-mirrors

Mirror #1
IP: 130.59.10.36
Successes: 391
Failures: 97
Last access: Mon Dec 19 00:46:43 2016
Ignore: No
-
Mirror #2
IP: 193.1.193.64
Successes: 2122
Failures: 208
Last access: Mon Nov  6 16:44:43 2017
Ignore: Yes
-
Mirror #3
IP: 81.91.100.173
Successes: 2079
Failures: 101
Last access: Sat Nov  4 01:06:08 2017
Ignore: Yes
-
Mirror #4
IP: 129.67.1.218
Successes: 2374
Failures: 59
Last access: Sat Nov  4 00:03:02 2017
Ignore: Yes
-
Mirror #5
IP: 172.110.204.67
Successes: 160
Failures: 364
Last access: Tue May  9 14:47:24 2017
Ignore: No
-
Mirror #6
IP: 130.59.113.36
Successes: 393
Failures: 0
Last access: Thu Feb 16 21:45:53 2017
Ignore: No
-
Mirror #7
IP: 178.79.177.182
Successes: 302
Failures: 112
Last access: Sun Nov  5 05:04:18 2017
Ignore: Yes
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] fail updates

2017-11-06 Thread Benny Pedersen


freshclam --list-mirrors

Mirror #1
IP: 130.59.10.36
Successes: 391
Failures: 97
Last access: Mon Dec 19 00:46:43 2016
Ignore: No
-
Mirror #2
IP: 193.1.193.64
Successes: 2122
Failures: 208
Last access: Mon Nov  6 16:44:43 2017
Ignore: Yes
-
Mirror #3
IP: 81.91.100.173
Successes: 2079
Failures: 101
Last access: Sat Nov  4 01:06:08 2017
Ignore: Yes
-
Mirror #4
IP: 129.67.1.218
Successes: 2374
Failures: 59
Last access: Sat Nov  4 00:03:02 2017
Ignore: Yes
-
Mirror #5
IP: 172.110.204.67
Successes: 160
Failures: 364
Last access: Tue May  9 14:47:24 2017
Ignore: No
-
Mirror #6
IP: 130.59.113.36
Successes: 393
Failures: 0
Last access: Thu Feb 16 21:45:53 2017
Ignore: No
-
Mirror #7
IP: 178.79.177.182
Successes: 302
Failures: 112
Last access: Sun Nov  5 05:04:18 2017
Ignore: Yes
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

Re: [clamav-users] fail updates

[clamav-users] fail updates

11 matches

Site Navigation

Mail list logo

Footer information