NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Antivirus scanner definition file update failed
ReadyNAS 212 OSversion 6.10.3 Since a couple of days (starting July 5th) my virus definition file update failes.. stating check internet-connection ; my internet connection is fine because the rea...
I kept getting errors while executing command: 'systemctl status clamav-freshclam.service' ; see below
root@Geldrop:~# systemctl status clamav-freshclam.service
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2020-12-23 14:33:45 CET; 15s ago
Process: 6263 ExecStart=/usr/bin/freshclam --quiet (code=exited, status=1/FAILURE)
Main PID: 6263 (code=exited, status=1/FAILURE)Dec 23 14:33:45 Geldrop systemd[1]: Starting ClamAV virus database updater...
Dec 23 14:33:45 Geldrop freshclam[6263]: ClamAV update process started at Wed Dec 23 14:33:45 2020
Dec 23 14:33:45 Geldrop freshclam[6263]: main.cvd is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Dec 23 14:33:45 Geldrop freshclam[6263]: daily.cld is up to date (version: 26026, sigs: 4328586, f-level: 63, builder: raynman)
Dec 23 14:33:45 Geldrop freshclam[6263]: bytecode.cvd is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Main process exited, code=exited, status=1/FAILURE
Dec 23 14:33:45 Geldrop systemd[1]: Failed to start ClamAV virus database updater.
Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Unit entered failed state.
Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Failed with result 'exit-code'.The following I did after reading the following web-page (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972974):
stopping clamav: 'systemctl stop clamav-daemon'stopping clamav freshclam: 'systemctl stop clamav-freshclam'
adjusting member 'usr.bin.freshclam' in dir: /etc/apparmor.d ; adding 'capability dac_override,' and 'capability chown,'
capability setgid,
capability setuid,
capability dac_override,
capability chown,removing all file from dir: '/var/lib/clamav' (bytecode ; daily ; main ; mirrors ; antivir)
starting clamav : 'systemctl start clamav-daemon'
starting clamav freshclam: 'systemctl start clamav-freshclam'
starting 'clamav freshclam' takes a while (about 2 minutes, I guess) and afterwards it looks like the normal databased-updater is working again.... lets see what happens the coming days...
regards
tl;dr: ran freshclam --no-dns in SSH and my definitions finally update for the first time since mid-July.
So I've been going through the same issues as everybody else since mid-July. Finally decided to really mess around with a bunch of settings and see what I could do. A possible relation is my NAS had been running low on space and I upgraded the drive space recently, hoping that might also kick the AV into doing what it was supposed to do. Nothing.
I upgraded to the 6.10.4 firmware, nothing.
Running freshclam -v wouldn't work to update anything when using SSH to get into the NAS. Looking through the error messages it was throwing, I was wondering if it has something to do with IPv6 and trying to hit clamav that way (even though it also tries through IPv4 addresses). Started messing around with the IPv6 settings on my Orbi to see if that was doing anything and trying to run the freshclam command once again, but wasn't completely successful there either as the Orbi and Fios were not playing nice with each other. The only way I could get anything to successfully work re: IPv6 in the router was with the 6to4 tunnel, and I don't think that could solve anything since my IPv6 tests were still failing. So I went back and disabled all of that stuff to stick with old IPv4 (as a side note, I think Fios is keeping non-Verizon routers from making full use of IPv6, but that's a different story).
I messed with a whole bunch of DNS settings on the NAS itself, and tried running freshclam again with no luck.
So I went back to messing around with freshclam and the different arguments available, and saw the --no-dns argument. My hunch is it still has something to do with how the DNS entries have been set up somewhere and a configuration change was rolled out to the DNS servers which took time to propigate globally in July (possibly in conjunction with an IPv6 change? who knows...) because by running freshclam --no-dns (which is used to "Force old non-DNS verification method"), I was finally able to get my virus definition files to update. I ran freshclam again shortly after with no arguments added on to it, and it updated successfully again. I ran freshclam a third time shortly after that, and it said there was nothing to update, but it made a successful check. Question will be whether the AV will now update on its own automatically without forcing it to or not.
Hopefully this helps somebody somewhere, and that this solution now sticks.
You've gone to a lot of trouble there, hopefully this will help or indeed spark another train of thought to get to a resolution.
Good stuff.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
