[Pkg-clamav-devel] Bug#507132: FW by linux4michelle at tamay-dogan.net : Re: Bug#507132: Bug#507132: connection errors
Michelle Konzack
linux4michelle at tamay-dogan.net
Mon Dec 1 23:42:03 UTC 2008
Hello Michael,
Am 2008-12-01 11:39:32, schrieb Michael Tautschnig:
> Ok, tried just now on a server located in Austria:
Configured while installin clamav-data
> server:~# freshclam --list-mirrors
> Mirror #1
> IP: 129.27.65.27
> Successes: 1478
> Failures: 12
> Last access: Mon Dec 1 15:28:13 2008
> Ignore: No
> -------------------------------------
> Mirror #2
> IP: 81.223.20.171
> Successes: 2846
> Failures: 13
> Last access: Mon Dec 1 18:28:14 2008
> Ignore: No
>
> (your output of freshclam --list-mirrors may be useful as well)
samba3:~# apt-get install clamav-freshclam
Reading package lists... Done
Building dependency tree... Done
clamav-freshclam is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.
2 not fully installed or removed.
Need to get 0B of archives.
After unpacking 0B of additional disk space will be used.
Setting up clamav-freshclam (0.94.dfsg.1-1~volatile1) ...
Replacing config file /etc/clamav/freshclam.conf with new version
Starting database update:
ClamAV update process started at Mon Dec 1 23:47:19 2008
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.94.1 Recommended version: 0.94.2
DON'T PANIC! Read http://www.clamav.net/support/faq
Downloading main.cvd [ 30%]
Setting up davfs2 (1.1.2-3) ...
dpkg: error processing davfs2 (--configure):
subprocess post-installation script returned error exit status 30
Errors were encountered while processing:
davfs2
E: Sub-process /usr/bin/dpkg returned an error code (1)
samba3:~# freshclam --list-mirrors
Can't read mirrors.dat
It has only downloaded 30% of main.vcd and then unexpected toped...
And then it can not fine mirrors.dat.
> server:~# freshclam -v --datadir=/tmp/clamav
> Current working dir is /tmp/clamav
> Max retries == 5
> ClamAV update process started at Mon Dec 1 20:19:03 2008
> Using IPv6 aware code
> Querying current.cvd.clamav.net
> TTL: 387
> Software version from DNS: 0.94.2
> WARNING: Your ClamAV installation is OUTDATED!
> WARNING: Local version: 0.94.1 Recommended version: 0.94.2
> DON'T PANIC! Read http://www.clamav.net/support/faq
> Retrieving http://db.local.clamav.net/main.cvd
> Trying to download http://db.local.clamav.net/main.cvd (IP: 81.223.20.171)
> Downloading main.cvd [100%]
> main.cvd updated (version: 49, sigs: 437972, f-level: 35, builder: sven)
> Retrieving http://db.local.clamav.net/daily.cvd
> Trying to download http://db.local.clamav.net/daily.cvd (IP: 81.223.20.171)
> Downloading daily.cvd [100%]
> daily.cvd updated (version: 8704, sigs: 31342, f-level: 38, builder: ccordes)
> WARNING: Your ClamAV installation is OUTDATED!
> WARNING: Current functionality level = 37, recommended = 38
> DON'T PANIC! Read http://www.clamav.net/support/faq
> Database updated (469314 signatures) from db.local.clamav.net (IP: 81.223.20.171)
samba3:~# mkdir /tmp/clamav
samba3:~# freshclam -v --datadir=/tmp/clamav
Current working dir is /tmp/clamav
Max retries == 5
ClamAV update process started at Tue Dec 2 00:08:26 2008
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 900
Software version from DNS: 0.94.2
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.94.1 Recommended version: 0.94.2
DON'T PANIC! Read http://www.clamav.net/support/faq
Retrieving http://db.local.clamav.net/main.cvd
Retrieving http://db.local.clamav.net/main.cvd
Trying to download http://db.local.clamav.net/main.cvd (IP: 88.198.17.100)
ERROR: getfile: Can't create new file /tmp/clamav/clamav-46b42bd66e179ece05d2028108be59db in /tmp/clamav
Hint: The database directory must be writable for UID 107 or GID 106
WARNING: Can't download main.cvd from db.local.clamav.net
samba3:~# ls -dAl /tmp/clamav
drwxrwxrwx 2 root root 4096 2008-12-02 00:08 /tmp/clamav
I have attached a compressed 4 MByte tcpdump from the installation to
now...
> Hmm, did you upgrade all of clamav to the version from volatile? You should have
> done so, upgrading clamav-data only will not get us much further ...
Yes:
samba3:~# apt-cache policy clamav clamav-base clamav-daemon clamav-freshclam
clamav:
Installed: 0.94.dfsg.1-1~volatile1
Candidate: 0.94.dfsg.1-1~volatile1
Version table:
*** 0.94.dfsg.1-1~volatile1 0
1000 http://volatile.debian.org etch/volatile/main Packages
100 /var/lib/dpkg/status
0.94.dfsg-1~bpo40+1 0
500 http://www.backports.org etch-backports/main Packages
0.90.1dfsg-4etch15 0
1000 ftp://security.debian.org etch/updates/main Packages
0.90.1dfsg-3.1+etch14 0
950 ftp://ftp2.de.debian.org etch/main Packages
0.90.1dfsg-3etch9 0
1000 http://samba3.private.tamay-dogan.net etch/main Packages
500 file: etch/main Packages
clamav-base:
Installed: 0.94.dfsg.1-1~volatile1
Candidate: 0.94.dfsg.1-1~volatile1
Version table:
*** 0.94.dfsg.1-1~volatile1 0
1000 http://volatile.debian.org etch/volatile/main Packages
100 /var/lib/dpkg/status
0.94.dfsg-1~bpo40+1 0
500 http://www.backports.org etch-backports/main Packages
0.90.1dfsg-4etch15 0
1000 ftp://security.debian.org etch/updates/main Packages
0.90.1dfsg-3.1+etch14 0
950 ftp://ftp2.de.debian.org etch/main Packages
0.90.1dfsg-3etch9 0
1000 http://samba3.private.tamay-dogan.net etch/main Packages
500 file: etch/main Packages
clamav-daemon:
Installed: 0.94.dfsg.1-1~volatile1
Candidate: 0.94.dfsg.1-1~volatile1
Version table:
*** 0.94.dfsg.1-1~volatile1 0
1000 http://volatile.debian.org etch/volatile/main Packages
100 /var/lib/dpkg/status
0.94.dfsg-1~bpo40+1 0
500 http://www.backports.org etch-backports/main Packages
0.90.1dfsg-4etch15 0
1000 ftp://security.debian.org etch/updates/main Packages
0.90.1dfsg-3.1+etch14 0
950 ftp://ftp2.de.debian.org etch/main Packages
0.90.1dfsg-3etch9 0
1000 http://samba3.private.tamay-dogan.net etch/main Packages
500 file: etch/main Packages
clamav-freshclam:
Installed: 0.94.dfsg.1-1~volatile1
Candidate: 0.94.dfsg.1-1~volatile1
Version table:
*** 0.94.dfsg.1-1~volatile1 0
1000 http://volatile.debian.org etch/volatile/main Packages
100 /var/lib/dpkg/status
0.94.dfsg-1~bpo40+1 0
500 http://www.backports.org etch-backports/main Packages
0.90.1dfsg-4etch15 0
1000 ftp://security.debian.org etch/updates/main Packages
0.90.1dfsg-3.1+etch14 0
950 ftp://ftp2.de.debian.org etch/main Packages
0.90.1dfsg-3etch9 0
1000 http://samba3.private.tamay-dogan.net etch/main Packages
500 file: etch/main Packages
> Whereever you can catch all the packets that should travel from/to clamav
> upgrade servers. The commandline should be
>
> tcpdump -vvv -i eth0 tcp port 80
See the attached file...
> You might want to experiment with -v vs. -vvv to see how much output is useful.
I was looking into the dump, but understand nothing...
...except, that if I go to the DNS
http://static.88-198-17-100.clients.your-server.de/
I am redirected to
http://www.julispace.com/
And realy, I do not like unknown connections to private servers...
I do not understand, WHY clamav is connecting to this server...
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tcpdump.log.gz
Type: application/octet-stream
Size: 187126 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20081202/95a0557a/attachment-0001.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20081202/95a0557a/attachment-0001.pgp
More information about the Pkg-clamav-devel
mailing list