When Security Analytics (SA) is configured via the GUI to use a web proxy, the ClamAV definition update service 'freshclam' will not use the proxy and cannot reach the Internet.
The following or similar messages may be present in /var/log/messages:
Nov 11 13:18:26 solera1 freshclam: nonblock_connect: connect timing out (30 secs)
Nov 11 13:18:26 solera1 freshclam: Can't connect to port 80 of host database.clamav.net (IP: 22.214.171.124)
Nov 11 13:18:26 solera1 freshclam: Can't download daily.cvd from database.clamav.net
Nov 11 13:18:26 solera1 freshclam: Giving up on database.clamav.net...
Nov 11 13:18:26 solera1 freshclam: Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.
The freshclam program is not designed to recognize standard Linux environmental variables used by Security Analytics which define the web proxy.
Further manual configuration is needed for freshclam.
The proxy must be defined in the freshclam configuration file using the following procedure:
1. Log into the device via SSH or at the console as the root user
2. Make a backup of the freshclam configuration file
cp /etc/freshclam.conf /etc/freshclam.conf.orig
3. Edit the freshclam configuration file using the "vi" editor
4. Locate the proxy configuration lines, uncomment the required settings, and modify them to the desired web proxy values
# Proxy settings
# Default: disabled
# If your servers are behind a firewall/proxy which applies User-Agent
# filtering you can use this option to force the use of a different
# User-Agent header.
# Default: clamav/version_number
5. Save the file
6. At the command line, run "
freshclam" to verify that the proxy settings are working and that the updater can reach the ClamAV database servers through the proxy.
7. Restart the ClamAV update service using the command "
service solera-freshclamd restart"
Imported Document ID: 000028398
Subscribing will provide email updates when this Article is updated. Login is required.