
Re: clamdscan - specify server?



Mumia W.. wrote:
On 08/23/2007 03:47 PM, koffiejunkie wrote:
Hi guys,

I'm wondering - if I run clamdscan, it connects to clamd automatically (I have it set up with TCP instead of local socket).

If I want clamdscan to use a different server, how do I tell it to? I can't seem to find any information on this on the clamav website or in the clamav docs.

Thanks



For clamdscan, you would use the same clamd.conf file that you used to configure clamd, e.g.:

clamd -c /path/to/my/clamd.conf
...
clamdscan -c /path/to/my/clamd.conf

If clamdscan is to run on a different machine from clamd, then you'd have to copy the clamd.conf file from one machine to the other.

I've tried that already:


$ clamdscan --config-file=/home/kj/clamd.conf file.exe
/home/kj/file.exe: lstat() failed. ERROR

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.003 sec (0 m 0 s)

Where clamd.conf has:

TCPSocket 3310
TCPAddr 89.xxx.xxx.xxx


Strace shows me this (I don't really make much sense of it - over my head):

munmap(0xf7fc6000, 4096)                = 0
connect(3, {sa_family=AF_INET, sin_port=htons(3310), sin_addr=inet_addr("89.xxx.xxx.xxx")}, 16) = 0
write(3, "CONTSCAN /home/kj/file.exe"..., 34) = 34
dup(3)                                  = 4
fcntl64(4, F_GETFL)                     = 0x2 (flags O_RDWR)
fstat64(4, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x1000) = 0xf7fc6000
_llseek(4, 0, 0xffa7f51c, SEEK_CUR)     = -1 ESPIPE (Illegal seek)
read(4, "/home/kj/file.exe: lstat"..., 1024) = 49
fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x1000) = 0xf7fc5000
write(1, "/home/kj/file.exe: lstat"..., 49/home/kj/file.exe: lstat() failed. ERROR
) = 49
read(4, "", 1024)                       = 0
close(4)                                = 0
munmap(0xf7fc6000, 4096)                = 0
close(3)                                = 0
gettimeofday({1187949220, 784232}, {4294967236, 0}) = 0
write(1, "\n----------- SCAN SUMMARY ------"..., 38
----------- SCAN SUMMARY -----------
) = 38
write(1, "Infected files: 0\n", 18Infected files: 0
)     = 18
write(1, "Time: 0.008 sec (0 m 0 s)\n", 26Time: 0.008 sec (0 m 0 s)
) = 26
exit_group(2)                           = ?

Looks like it fails to send it? I can telnet into port 3310 on the remote IP, so that shouldn't be a problem. Any ideas?
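
In the strace above, the client writes the string `CONTSCAN /home/kj/file.exe` to the socket and then reads the `lstat() failed. ERROR` line back from it, so the path is sent and the error text comes from the answering side. The following is an added example, not part of the original post and not ClamAV code: a loopback stand-in that handles a `CONTSCAN` line by calling lstat on the path it receives, showing that the reply depends on what exists on the machine that answers. The names `handle_contscan`, `ask` and `demo`, the `UNKNOWN COMMAND` fallback and the sample paths are assumptions made for illustration.

```python
import os
import socket
import threading


def handle_contscan(line: str) -> str:
    """Stand-in server logic: the argument is a path on the *server's* filesystem."""
    cmd, _, path = line.strip().partition(" ")
    if cmd != "CONTSCAN" or not path:
        return "UNKNOWN COMMAND\n"          # assumed fallback for this stand-in
    try:
        os.lstat(path)                      # the call named in the error on the page
    except OSError:
        return f"{path}: lstat() failed. ERROR\n"
    return f"{path}: OK\n"


def serve_once(listener: socket.socket) -> None:
    """Accept one connection, read one command line, send one reply."""
    conn, _ = listener.accept()
    with conn, conn.makefile("r") as reader:
        conn.sendall(handle_contscan(reader.readline()).encode())


def ask(port: int, path: str) -> str:
    """Client side: send only the path string, as the write(3, ...) in the trace does."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as s:
        s.sendall(f"CONTSCAN {path}\n".encode())
        chunks = []
        while chunk := s.recv(1024):
            chunks.append(chunk)
    return b"".join(chunks).decode()


def demo(path: str) -> str:
    """Run the stand-in on an ephemeral loopback port and return its reply."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    worker = threading.Thread(target=serve_once, args=(listener,), daemon=True)
    worker.start()
    try:
        return ask(listener.getsockname()[1], path)
    finally:
        worker.join(timeout=5)
        listener.close()


if __name__ == "__main__":
    # Constructed paths: one the answering side cannot see, one it can.
    print(demo("/nonexistent/constructed/file.exe"), end="")
    print(demo("/"), end="")
```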


