Dansguardian freshclam issue
-
Squid fails to work on just localhost selected. I am forced to select my 5 subnets in Squid and then select transparent option to ensure I don't have to do manual proxy configuration on every client.
This config works just perfect in v2.0.3
-
That will bypass DG.
I use the NAT rules to force traffic through DG.
I have a redirection rule where all traffic on all interfaces heading to port 80 is redirected to pfSense's IP : port 8080 instead (the default DG port, which is where I have DG). So even if my manual proxy config on some devices fails, my auto-detect/wpad proxy config on other devices fails, the NAT redirection ensures all traffic goes to DG whether it likes it or not.
The rule has an exception for traffic heading to pfSense:80, so that if a device wants to use wpad it can still do that.
This is obviously only for http traffic. I haven't tackled https traffic through DG/Squid yet.
-
Yes, I keep the same NAT settings as well.
-
So, I finally managed to get freshclam started. It did complain in between about missing /var/db/clamav so I created that as well and gave permissions. But it fails when I start dansguardian with this log
Jul 7 13:55:13 dansguardian[13871]: Unknown return code from content scanner: -1
Jul 7 13:55:13 dansguardian[13871]: Error connecting to ClamD socket
Jul 7 13:55:13 dansguardian[13871]: Unknown return code from content scanner: -1
Jul 7 13:55:13 dansguardian[13871]: Error connecting to ClamD socket
Jul 7 13:55:13 lighttpd[44102]: (connections.c.137) (warning) close: 23 Connection reset by peer
Jul 7 13:54:44 php: /pkg_edit.php: Starting Dansguardian
Jul 7 13:54:44 php: /pkg_edit.php: Starting clamav-clamd -
When I was having problems with my dansguardian / clam / squid install, the packages wouldn't work after changing my config not long ago.
So, I backed up my settings.
reinstalled pfsense.
restored my settings.
rebooted.
Reinstalled my missing packages (the setting were all still there)
Purged my squid cache.rebooted and all was fine.
-
Yeah well I tried that.. doesn't work on 2.1. I presume the dansguardian package is not yet fully compatible with 2.1 and needs work..
Here is what I get with clamd enabled… ofcourse the scanner is not working.
Access to the page:
http://www.msn.com
... has been denied for the following reason:
WARNING: Could not perform content scan!
Categories:
Content scanning
-
haha - yeah. That seems a little suspect.
1 last thing I have done. Go to pfsense console menu, go to command shell and do a freshclam.
freshclam
clamd
-
Yeah I did that already :)
It complained at first about freshclam.log being in use by some other process. After a 10 min wait I reboot the box and ran freshclam again. Worked this time and I see the files being download. Though it complains about old signatures.
-
Well, you are running a beta package on a beta/RC. What could possibly go wrong?
When I get this far down the rabbit hole, I usually start looking towards a fresh install. -
Well I do fresh installs all the time. One small error makes me get rid of the install and start fresh.. :)
-
Yep - For sure for me.
Because fresh install takes 4 minutes, restore config - 1 minute, reload missing packages, 2 minutes.
Then usually all is well.
-
marcelloc,
Can u please fix this freshclam issue on 2.1 . :) -
Got it working with many manipulations that should be corrected in the package (tested on 2.1 RC1):
1. Create missing directories : mkdir /var/log/clamav /var/db/clamav /var/run/clamav
2. Change ownership of these directories : chown clamav /var/log/clamav /var/db/clamav /var/run/clamav
3. Refresh clam db : freshclam
4. Start clam daemon : clamd &Those settings won't survive a reboot : pfSense reset permissions in /var/log and removes directories created in /var/run. This should be coded in the startup script of Dansguardian but I haven't found it yet.
-
Got it working with many manipulations that should be corrected in the package (tested on 2.1 RC1):
1. Create missing directories : mkdir /var/log/clamav /var/db/clamav /var/run/clamav
2. Change ownership of these directories : chown clamav /var/log/clamav /var/db/clamav /var/run/clamav
3. Refresh clam db : freshclam
4. Start clam daemon : clamd &Those settings won't survive a reboot : pfSense reset permissions in /var/log and removes directories created in /var/run. This should be coded in the startup script of Dansguardian but I haven't found it yet.
The dansguardian re-create of the directories and permissions is in the dansguardian.inc file. If you put a valid freshclam and clamav-clamd script in the /usr/local/etc/rc.d directory, then the dansguardian.inc code will correctly re-create the directories and rights.
-
This security package is the only one having issues on 2.1 .. Snort.. Squid.. works great.
-
Got it working with many manipulations that should be corrected in the package (tested on 2.1 RC1):
1. Create missing directories : mkdir /var/log/clamav /var/db/clamav /var/run/clamav
2. Change ownership of these directories : chown clamav /var/log/clamav /var/db/clamav /var/run/clamav
3. Refresh clam db : freshclam
4. Start clam daemon : clamd &Those settings won't survive a reboot : pfSense reset permissions in /var/log and removes directories created in /var/run. This should be coded in the startup script of Dansguardian but I haven't found it yet.
The dansguardian re-create of the directories and permissions is in the dansguardian.inc file. If you put a valid freshclam and clamav-clamd script in the /usr/local/etc/rc.d directory, then the dansguardian.inc code will correctly re-create the directories and rights.
1. Where do I find those scripts?
2. The file /usr/local/etc/rc.d/clamav-clamd exists on my system and looks like a binary file -
1. Where do I find those scripts?
2. The file /usr/local/etc/rc.d/clamav-clamd exists on my system and looks like a binary filedansguardian.inc is in /usr/local/pkg
The clamav-clamd script should be a text file (it's a shell script). If it isn't text then something is wrong. I've attached the contents of mine…
#!/bin/sh # # $FreeBSD: ports/security/clamav/files/clamav-clamd.in,v 1.10 2012/11/17 06:01:01 svnexp Exp $ # # PROVIDE: clamd # REQUIRE: LOGIN # BEFORE: mail # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf to enable clamd: # # clamav_clamd_enable="YES" # clamav_clamd_flags="<set as="" needed="">" # # See clamd(8) for flags # . /etc/rc.subr name=clamav_clamd rcvar=clamav_clamd_enable if [ ! -d /var/run/clamav ];then /bin/mkdir /var/run/clamav;fi if [ ! -d /var/db/clamav ];then /bin/mkdir /var/db/clamav;fi if [ ! -d /var/log/clamav ];then /bin/mkdir -p /var/log/clamav;fi chown -R clamav /var/run/clamav chown -R clamav /var/db/clamav chown -R clamav /var/log/clamav command=/usr/local/sbin/clamd required_dirs=/var/db/clamav required_files=/usr/local/etc/clamd.conf # read settings, set default values load_rc_config "$name" : ${clamav_clamd_enable="YES"} : ${clamav_clamd_socket="/var/run/clamav/clamd.sock"} start_precmd=clamav_clamd_precmd #clamav .93 won't start without a valid main.c[vl]d file clamav_clamd_precmd() { if [ ! -f /var/db/clamav/main.cvd -a ! -f /var/db/clamav/main.cld ];then echo "Missing /var/db/clamav/clamav/*.cvd or *.cld files. You must run freshclam first" exit 1 fi } extra_commands="reload" reload_cmd=clamd_reload clamd_reload() { /usr/local/bin/clamdscan --reload } run_rc_command "$1"</set> -
1. Where do I find those scripts?
2. The file /usr/local/etc/rc.d/clamav-clamd exists on my system and looks like a binary filedansguardian.inc is in /usr/local/pkg
The clamav-clamd script should be a text file (it's a shell script). If it isn't text then something is wrong. I've attached the contents of mine…
Thanks but the script fails at startup with this:
[2.1-RC1][admin@pfsense.local]/root(17): ./clamav-clamd start ./clamav-clamd: WARNING: /usr/local/etc/clamd.conf is not readable. ./clamav-clamd: WARNING: failed precmd routine for clamav_clamdWhat about the freshclam script?
-
1. Where do I find those scripts?
2. The file /usr/local/etc/rc.d/clamav-clamd exists on my system and looks like a binary filedansguardian.inc is in /usr/local/pkg
The clamav-clamd script should be a text file (it's a shell script). If it isn't text then something is wrong. I've attached the contents of mine…
Thanks but the script fails at startup with this:
[2.1-RC1][admin@pfsense.local]/root(17): ./clamav-clamd start ./clamav-clamd: WARNING: /usr/local/etc/clamd.conf is not readable. ./clamav-clamd: WARNING: failed precmd routine for clamav_clamdWhat about the freshclam script?
OK… I didn't run into that particular issue. Is Dans installed? It should have installed clam as part of the dg install. Does the file /usr/local/etc/clamd.conf exist? If so, what do the rights look like on it (do ls -al)? Can you see if the clam executable exists (just do find / -name "clam") and see if it exists anywhere...
I can send you the freshclam script tonight (at work right now) but it won't do you any good if clam isn't installed.
-
OK… I didn't run into that particular issue. Is Dans installed? It should have installed clam as part of the dg install. Does the file /usr/local/etc/clamd.conf exist? If so, what do the rights look like on it (do ls -al)? Can you see if the clam executable exists (just do find / -name "clam") and see if it exists anywhere...
I can send you the freshclam script tonight (at work right now) but it won't do you any good if clam isn't installed.
Clam is installed as part of DansGuardian but on a fresh reboot, freshclam don't work and clamd won't load:
[2.1-RC1][admin@pfsense.cell.local]/root(4): find / -name "clam*" /root/clamav-clamd /usr/local/sbin/clamd /usr/local/bin/clamav-config /usr/local/bin/clambc /usr/local/bin/clamconf /usr/local/bin/clamdscan /usr/local/bin/clamdtop /usr/local/bin/clamscan /usr/local/etc/rc.d/clamav-clamd /usr/local/etc/dansguardian/contentscanners/clamdscan.conf /usr/pbi/freeradius-i386/lib/python2.7/test/decimaltestdata/clamp.decTest /usr/pbi/dansguardian-i386/bin/clamscan /usr/pbi/dansguardian-i386/bin/clamdscan /usr/pbi/dansguardian-i386/bin/clamconf /usr/pbi/dansguardian-i386/bin/clamdtop /usr/pbi/dansguardian-i386/bin/clambc /usr/pbi/dansguardian-i386/bin/clamav-config /usr/pbi/dansguardian-i386/etc/rc.d/clamav-clamd /usr/pbi/dansguardian-i386/etc/rc.d/clamav-freshclam /usr/pbi/dansguardian-i386/etc/clamd.conf.default /usr/pbi/dansguardian-i386/etc/clamd.conf /usr/pbi/dansguardian-i386/etc/dansguardian/contentscanners/clamdscan.conf /usr/pbi/dansguardian-i386/include/clamav.h /usr/pbi/dansguardian-i386/include/clamav-config.h /usr/pbi/dansguardian-i386/sbin/clamd /usr/pbi/dansguardian-i386/share/licenses/clamav-0.97.6 /var/run/clamav /var/run/clamav/clamd.sock /var/run/clamav/clamd.pid /var/mail/clamav /var/log/dansguardian/clamd.log /var/log/clamav /var/log/clamav/clamd.log /var/db/clamav