Dansguardian - clamdscan(off)



  • I selected clamdscan under general tab and issued freshbclam command through console. But I keep getting the below errors.

    May 1 15:08:26 php: /pkg_edit.php: Reloading Dansguardian
    May 1 15:08:26 php: /pkg_edit.php: Starting clamav-clamd
    May 1 15:08:26 php: /pkg_edit.php: The command '/usr/local/etc/rc.d/clamav-clamd stop' returned exit code '1', the output was 'Stopping clamav_clamd. Waiting for PIDS: 52025. clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd not running? clamav_clamd

    Here is what I get after running freshclam

    $ freshclam
    ClamAV update process started at Wed May  1 15:07:10 2013
    DON'T PANIC! Read http://www.clamav.net/support/faq
    main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
    daily.cvd is up to date (version: 17121, sigs: 1198874, f-level: 63, builder: neo)
    bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)



  • I've fixed on latest version a bug on clamav-clamd startup script.

    Try to unistall dansguardian, remove /usr/local/etc/rc.d/clamav-clamd and reinstall dansguardian.



  • Seems that fixed it. Any way to check and see if the virus scanning is working?

    Also I see a lot of this in the log after boot up.

    May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
    May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
    May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
    May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
    May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:
    May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:



  • @asterix:

    I see a lot of this in the log after boot up.
    May 2 10:48:21 php: : [Dansguardian] - Detected boot process pr:1 bp:1 rpc:

    Isn't these logs only on boot time? There are some code to prevent package restart/save config during boot process.



  • Yes I see them only on boot. Should be safe to ignore them.. I suppose.

    Also, how do I test if clamdscan antivirus is working?



  • Try and download the test files from http://www.eicar.org/85-0-Download.html



  • Yeah I found that earlier and tested. Works just fine.



  • @Legion:

    Try and download the test files from http://www.eicar.org/85-0-Download.html

    I'm 99% sure all is ok, but what should I see when I try to download the test eicar file?  Am I supposed to get a warning that Clamd blocked something or should the download process just not do anything?  When I click on the "Download Anti Malware Test File" my browser shows the spinning icon for about 1/2 second then nothing happens.  ???

    Thx

    UPDATE:  I found the warning… /var/log/clamav/clamd.log has /tmp/tfemgsEy: Eicar-Test-Signature FOUND


Log in to reply