configure clamav updates

[ccc]

hi

I have FreeBSD 7.3 and clamav installed from ports:

# pkg_info | grep clamav
clamav-0.97         Command line virus scanner written entirely in C

# ps aux | grep clamav
clamav       866  0.0 20.9 113000 106480  ??  Is    3:17PM   0:12.08 /usr/local/sbin/clamd
clamav       871  0.0  0.6 15492  3188  ??  Is    3:17PM   0:02.85 /usr/local/bin/freshclam --daemon -p /var/run/clamav/fresh

I need clamav for the squid proxy using HAVP.

My configuration:

# cat [B]/usr/local/etc/clamd.conf[/B]

LogFile /var/log/clamav/clamd.log
LogFileUnlock yes
LogFileMaxSize 2M
LogTime yes
LogClean yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /tmp
DatabaseDirectory /var/db/clamav
LocalSocket /var/run/clamav/clamd
FixStaleSocket yes
MaxConnectionQueueLength 30
StreamMaxLength 10M
ReadTimeout 120
IdleTimeout 30
MaxDirectoryRecursion 20
FollowFileSymlinks no
User clamav
AlgorithmicDetection yes
ScanPE yes
ScanELF yes
DetectBrokenExecutables no
ScanOLE2 yes
ScanPDF yes
ScanMail yes
PhishingSignatures yes
PhishingScanURLs yes
PhishingAlwaysBlockSSLMismatch no
PhishingAlwaysBlockCloak no
ScanHTML yes
ScanArchive yes
MaxScanSize 150M
MaxFileSize 30M
MaxRecursion 10
MaxFiles 15000

# cat [file]/usr/local/etc/freshclam.conf[/file]

DatabaseDirectory /var/db/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogFileMaxSize 2M
LogTime yes
PidFile /var/run/clamav/freshclam.pid
DatabaseOwner clamav
DNSDatabaseInfo current.cvd.clamav.net
DatabaseMirror db.ch.clamav.net
DatabaseMirror switch.clamav.net
DatabaseMirror clamav.ftp.genotec.ch
DatabaseMirror clamav.datev.de
DatabaseMirror database.clamav.net
DatabaseMirror clamav.gencore.org
DatabaseMirror database.clamav.net
MaxAttempts 5
ScriptedUpdates yes
Checks 2
NotifyClamd /usr/local/etc/clamd.conf
ConnectTimeout 60
ReceiveTimeout 30

1.) Do I need to create a cron job to update clamav, for example:

0 2,8,14,20 * * * /usr/local/bin/freshclam --quiet -l /var/log/clam-update.log --daemon notify=/usr/local/etc/clamav.conf

Or will it be done automatically from freshclam?

2.) How to create a cron job to scan all files?

 

[DutchDaemon]

You either run freshclam as a daemon (which you appear to be doing) or call freshclam from cron. If you run it as a daemon, you will have to tell it how often to update, e.g.:

       Run as a daemon and check 2 times per day for new database:

              freshclam -d -c 2

This is straight from the manual (freshclam(1).

If you run freshclam from cron, you obviously decide how often to look for updates using the cron interval.

And I'm sure clamscan(1) is not too hard to understand when it comes to scanning your files..

 

[ccc]

Thanks, I've add the following line in the crontab:

# scan all files
05 4 * * *  clamscan -r /  >/dev/null 2>&1

BTW How to configure freshclam to run as a daemon, automatically from the startup?

 

[DutchDaemon]

I don't really know, I use the cron method myself (every two hours). There does not appear to be a start/stop script for it, so starting it in the background from either /etc/rc.local or from root's crontab (use @reboot time) looks like the way to go. You can glean the appropriate flags from freshclam(1).

 

[wblock@]

BTW How to configure freshclam to run as a daemon, automatically from the startup?

/etc/rc.conf

clamav_freshclam_enable="YES"

 

[DutchDaemon]

Ah, I was looking for freshclam, not clamav-freshclam in /usr/local/etc/rc.d Well, there you go.