Dansguardian - clamdscan(off)
-
I selected clamdscan under general tab and issued freshbclam command through console. But I keep getting the below errors.
May 1 15:08:26 php: /pkg_edit.php: Reloading Dansguardian
May 1 15:08:26 php: /pkg_edit.php: Starting clamav-clamd
May 1 15:08:26 php: /pkg_edit.php: The command '/usr/local/etc/rc.d/clamav-clamd stop' returned exit code '1', the output was 'Stopping clamav_clamd. Waiting for PIDS: 52025. clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamdHere is what I get after running freshclam
$ freshclam
ClamAV update process started at Wed May 1 15:07:10 2013
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cvd is up to date (version: 17121, sigs: 1198874, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo) -
I've fixed on latest version a bug on clamav-clamd startup script.
Try to unistall dansguardian, remove /usr/local/etc/rc.d/clamav-clamd and reinstall dansguardian.
-
Seems that fixed it. Any way to check and see if the virus scanning is working?
Also I see a lot of this in the log after boot up.
May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc: -
I see a lot of this in the log after boot up.
May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:Isn't these logs only on boot time? There are some code to prevent package restart/save config during boot process.
-
Yes I see them only on boot. Should be safe to ignore them.. I suppose.
Also, how do I test if clamdscan antivirus is working?
-
Try and download the test files from http://www.eicar.org/85-0-Download.html
-
Yeah I found that earlier and tested. Works just fine.
-
Try and download the test files from http://www.eicar.org/85-0-Download.html
I'm 99% sure all is ok, but what should I see when I try to download the test eicar file? Am I supposed to get a warning that Clamd blocked something or should the download process just not do anything? When I click on the "Download Anti Malware Test File" my browser shows the spinning icon for about 1/2 second then nothing happens. ???
Thx
UPDATE: I found the warning… /var/log/clamav/clamd.log has /tmp/tfemgsEy: Eicar-Test-Signature FOUND