tj-cisco
commented
2 months ago Can you please provide more details of your deployment and the steps taken to reproduce this issue.
Open f1-outsourcing opened 3 months ago
tj-cisco
commented
2 months ago Can you please provide more details of your deployment and the steps taken to reproduce this issue.
f1-outsourcing
commented
2 months ago run clamav-milter on host a, run clamd on host b, now restart host b so it gets a new ip address. The clamav-milter on host a does not update to the new host b ip address.
tj-cisco
commented
2 months ago Ok I think we have found the reason here, the name is only resolved when the milter is started here:
https://github.com/Cisco-Talos/clamav/blob/main/clamav-milter/connpool.c#L110
We should move resolution to the nc_socket function so that it is resolved every time a connection is made: https://github.com/Cisco-Talos/clamav/blob/main/clamav-milter/netcode.c#L82
f1-outsourcing
commented
2 months ago Oh cool, nice this can be fixed :)
f1-outsourcing
commented
1 month ago Shit everything was down again. I am not really sure why this clamd container is getting OOM recently. How long does this type of fix normally take before it finds it's way into el9 repo's?
f1-outsourcing
commented
1 month ago I guess this solution also would detect multiple ip addresses?
If the clamd is getting a new ip address (after failover or so) clamav-milter does not update to the new ip address
clamav-lib-1.0.5-3.el9.x86_64 clamav-filesystem-1.0.5-3.el9.noarch clamav-milter-1.0.5-3.el9.x86_64