This one time, at band camp, Paolo said: > On Mon, Jun 02, 2008 at 11:24:30AM +0100, Stephen Gran wrote: > > The whole point of freshclam is minimize network traffic doing smart updates > very often, else wget(1)/rsync(1) + glue scripts is all that's needed. > The inability of freshclam to build valid .cvd from .diff it retrieves turns > out to be the bug here.
No, the whole point of freshclam is to fetch updates for use by other tools in the clamav suite. Anything else it does, like reduce traffic for fetching certain files, is just a bonus. If your concern is efficiently fetching files, you need to look at a program designed for that, like rsync. Most of the code in freshclam is based around deciding whether an update needs to be fetched, and deciding whether a given download validates as a valid archive, and the signatures and hash sums match. The actual download code is a small part of it. > Indeed setting "ScriptedUpdates no" on the local mirror solved the problem, > though the mirror will fetch whole .cvd. Yes. > But again, IMHO freshclam is broken here: > - what's the point of 2 dB formats, .cld, .cvd for same stuff? The .cld files are used for incremental updates and have a different internal structure to the cvd files. The cvd files have hash based verification methods built into them, and are designed to be verified as a unit. They're different things. If you want to reshare the .cld built on your main server, turn off freshclam on your other machines and just rsync the cld files to them. > - why can it rebuild .cvd from .cld? or conversely, why can't it get & use > .cld right away from (local mirror) if avail (and .cvd not avail)? I suspect the hash sum generation and digital signing mechanisms would fail if it tried to rebuild a .cvd from a .cld. > - why can't it keep incremental stuff so even local (LAN) updates can be > incremental & minimize bw? Because it's not designed for that. > I think freshclam needs some re-thinking. I am very sorry that you are disappointed in your efforts to use freshclam this way, but you have to realize you are taking a tool designed for one purpose, and trying to make it a generalized network efficient wget. It is not that. I'm glad that setting ScriptedUpdates allows you to do what you're trying to do, but I repeat, there are better and more general tools designed to do the sort of things you're doing - freshclam is fairly single purpose. -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
