search

Cisco-Talos / cvdupdate

ClamAV Private Database Mirror Updater Tool
Apache License 2.0
93 stars 35 forks source link

There is a problem for cvd update behind proxy(Squid) #53

Closed HCKCh closed 4 months ago

HCKCh commented 1 year ago

As title, I've setup a clamav mirror server behind a proxy server(adopted Squid).

However, there still existing issues that cannot be resolved...

First I've followed the instruction to setup nameserver by cvd config set --nameserver my_proxy_ip

And config was shown in following...

#cvd config show
Config file: /root/.cvdupdate/config.json

Config:
{
    "nameserver": "my_proxy_ip",
    "max retry": 3,
    "log directory": "/root/.cvdupdate/logs",
    "rotate logs": true,
    "# logs to keep": 30,
    "db directory": "/var/www/html/clamav/",
    "rotate cdiffs": true,
    "# cdiffs to keep": 30,
    "state file": "/root/.cvdupdate/state.json"
}

Then issue the command and the log was shown as following:

#http_proxy=http://my_proxy_ip:my_proxy_port https_proxy=http://my_proxy_ip:my_proxy_port cvd update -V
2023-08-15 06:32:27 cvdupdate-1.1.1 DEBUG Checking for a newer version of cvdupdate.
2023-08-15 06:32:29 cvdupdate-1.1.1 DEBUG cvdupdate is up-to-date: 1.1.1.
2023-08-15 06:32:29 cvdupdate-1.1.1 DEBUG Checking available versions via DNS TXT entry query of current.cvd.clamav.net
2023-08-15 06:32:29 cvdupdate-1.1.1 INFO Found configuration provided nameservers: my_proxy_ip
2023-08-15 06:32:29 cvdupdate-1.1.1 INFO Using nameservers: ['my_proxy_ip']
2023-08-15 06:32:34 cvdupdate-1.1.1 DEBUG EXCEPTION OCCURRED: The resolution lifetime expired after 5.105 seconds: Server Do53:my_proxy_ip@53 answered The DNS operation timed out.
2023-08-15 06:32:34 cvdupdate-1.1.1 WARNING Failed to determine available version via DNS TXT query!
2023-08-15 06:32:34 cvdupdate-1.1.1 ERROR Failed to update: DNS query failed.

Does there anything I needs to setup on no matter proxy server or this virus definition mirror server?

uudecode commented 6 months ago

look, this package using requests library, so you just can use environment variables HTTP_PROXY and HTTPS_PROXY

micahsnyder commented 4 months ago

@uudecode Thanks for the answer. I was not aware of this option.

@HCKCh If you have an additional issue, feel free to reopen the ticket or else create another.