Mumia W.. wrote:
> On 08/23/2007 03:47 PM, koffiejunkie wrote:
>> Hi guys,
>>
>> I'm wondering - if I run clamdscan, it connects to clamd automatically
>> (I have it set up with TCP instead of local socket).
>>
>> If I want clamdscan to use a different server, how do I tell it to? I
>> can't seem to find any information on this on the clamav website or in
>> the clamav docs?
>>
>> Thanks
>
> For clamdscan, you would use the same clamd.conf file that you used to
> configure clamd, e.g.:
>
> clamd -c /path/to/my/clamd.conf
> ...
> clamdscan -c /path/to/my/clamd.conf
>
> If clamdscan is to run on a different machine from clamd, then you'd
> have to copy the clamd.conf file from one machine to the other.

I've tried that already:

$ clamdscan --config-file=/home/kj/clamd.conf file.exe
/home/kj/file.exe: lstat() failed. ERROR
----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.003 sec (0 m 0 s)

Where clamd.conf has:

TCPSocket 3310
TCPAddr 89.xxx.xxx.xxx

Strace shows me this (I don't really make much sense of it - over my head):

munmap(0xf7fc6000, 4096) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(3310),
sin_addr=inet_addr("89.xxx.xxx.xxx")}, 16) = 0
write(3, "CONTSCAN /home/kj/file.exe"..., 34) = 34
dup(3) = 4
fcntl64(4, F_GETFL) = 0x2 (flags O_RDWR)
fstat64(4, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0x1000) = 0xf7fc6000
_llseek(4, 0, 0xffa7f51c, SEEK_CUR) = -1 ESPIPE (Illegal seek)
read(4, "/home/kj/file.exe: lstat"..., 1024) = 49
fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 5), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0x1000) = 0xf7fc5000
write(1, "/home/kj/file.exe: lstat"..., 49/home/kj/file.exe: lstat()
failed. ERROR
) = 49
read(4, "", 1024) = 0
close(4) = 0
munmap(0xf7fc6000, 4096) = 0
close(3) = 0
gettimeofday({1187949220, 784232}, {4294967236, 0}) = 0
write(1, "\n----------- SCAN SUMMARY ------"..., 38
----------- SCAN SUMMARY -----------
) = 38
write(1, "Infected files: 0\n", 18Infected files: 0
) = 18
write(1, "Time: 0.008 sec (0 m 0 s)\n", 26Time: 0.008 sec (0 m 0 s)
) = 26
exit_group(2) = ?
Looks like it fails to send it? I can telnet into port 3310 on the
remote IP, so that shouldn't be a problem. Any ideas?
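
In the strace above, the connect() succeeds and clamdscan writes only a path (`CONTSCAN /home/kj/file.exe`), so the clamd at the remote address runs lstat() against its own filesystem and replies with the error. As an added example (not part of the original thread or of ClamAV's code), this Python client sends the file's bytes instead, using clamd's INSTREAM command; it assumes the server's clamd release supports INSTREAM, and all function names are hypothetical.

```python
import socket
import struct

CHUNK = 64 * 1024  # framing chunk size; clamd rejects streams over its StreamMaxLength


def instream_frames(data: bytes, chunk: int = CHUNK):
    """Yield the byte frames of one INSTREAM session carrying `data`."""
    yield b"zINSTREAM\0"                           # null-terminated command form
    for off in range(0, len(data), chunk):
        part = data[off:off + chunk]
        yield struct.pack("!I", len(part)) + part  # 4-byte big-endian length + payload
    yield struct.pack("!I", 0)                     # zero-length chunk ends the stream


def parse_reply(reply: bytes):
    """Map a clamd reply line to (status, detail)."""
    text = reply.rstrip(b"\0\n").decode("utf-8", "replace")
    if text.endswith("ERROR"):                     # e.g. the lstat() failure in the thread
        return "error", text
    verdict = text.partition(": ")[2]
    if verdict == "OK":
        return "clean", ""
    if verdict.endswith(" FOUND"):
        return "infected", verdict[:-len(" FOUND")]
    return "error", text


def scan_over(sock: socket.socket, data: bytes):
    """Run one INSTREAM scan on an already connected socket."""
    for frame in instream_frames(data):
        sock.sendall(frame)
    reply = b""
    while not reply.endswith(b"\0"):               # reply is null-terminated, like the command
        got = sock.recv(4096)
        if not got:
            break
        reply += got
    return parse_reply(reply)


def scan_remote(host: str, port: int, path: str):
    """Read `path` on this machine and have the clamd at host:port scan its bytes."""
    with open(path, "rb") as fh:
        data = fh.read()
    with socket.create_connection((host, port), timeout=30) as sock:
        return scan_over(sock, data)
```

Later clamdscan releases offer the same behaviour through the `--stream` option.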