ClamAV doesnt appear to be scanning sites and downloads

320 views
Skip to first unread message

Chris Mottershead

unread,
Apr 22, 2017, 3:17:54 PM4/22/17
to e2guardian
I have been trying to setup e2gaurdian and clamAV, so far I have installed e2guardian and clamAV onto a VM running Ubuntu 16.04, I have followed this guide (https://wiki.contribs.org/Dansguardian#ClamAV_support) I can find online and have set the user for e2guardian to 'clamav' and change the socket path to match clamav.conf and e2guardian starts, I have also setup SSL MITM and that appears to be working.

However when I try downloading the EICAR test virus the download starts, previously I was using dansguardian with clamAV and the download was blocked am I missing something?




Chris Mottershead

unread,
Apr 23, 2017, 2:28:30 PM4/23/17
to e2guardian
I forgot to mention the same setup worked with version 3.5.1

FredB

unread,
Apr 24, 2017, 10:06:04 AM4/24/17
to e2guardian
Built with '--enable-clamd=yes' ?

Chris Mottershead

unread,
Apr 24, 2017, 10:20:25 AM4/24/17
to e2guardian
yes, i also tried to use avast and that has the same effect, i have gne back to 3.5.1 now and all is working again


On Monday, 24 April 2017 15:06:04 UTC+1, FredB wrote:
Built with '--enable-clamd=yes' ?

brun...@gmail.com

unread,
May 10, 2017, 9:54:47 AM5/10/17
to e2guardian
Em segunda-feira, 24 de abril de 2017 11:20:25 UTC-3, Chris Mottershead escreveu:
> yes, i also tried to use avast and that has the same effect, i have gne back to 3.5.1 now and all is working again
>
>
>
> On Monday, 24 April 2017 15:06:04 UTC+1, FredB wrote:Built with '--enable-clamd=yes' ?

Hi,

I have the same problem.
I am using version 4.1 of e2guardian and with clamd enabled.
e2guardian -v
e2guardian 4.1.0

Built with: '--prefix=/usr' '--enable-clamd=yes' '--with-proxyuser=e2guardian' '--with-proxygroup=e2guardian' '--sysconfdir=/etc' '--localstatedir=/var' '--enable-icap=yes' '--enable-commandline=yes' '--enable-email=yes' '--enable-ntlm=yes' '--enable-trickledm=yes' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--enable-pcre=yes' '--enable-sslmitm=yes'


I have seen that in the URL it appears as VERIFIED for some websites. But when I try to download the test file at: http://www.eicar.org/download/eicar.com.txt
This site does not even appear in the log and I can download the file. I know that clamdscan is working if I copy the file directly to the server and run the clamdscan it informs that it is the EICAR.

FredB

unread,
May 18, 2017, 7:54:00 AM5/18/17
to e2guardian
Do you have something in log ?
Reply all
Reply to author
Forward
0 new messages