OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: Zapp on December 19, 2019, 08:58:43 pm

Title: os-clamav plugin only listens to 127.0.0.1
Post by: Zapp on December 19, 2019, 08:58:43 pm

Hi!

Code: [Select]

OPNSense: v19.7.8
os-clamav: v1.7
I have recently started to play with the plugin os-clamav to be used by my mailserver (other machine on local network) for scanning mails.
As far as I can understand the configuration 'Enable TCP port' (This will enable TCP port 3310 in addition to the local socket) should make it listen to port 3310 and be available to other machines on the network.

It turns out that I only get it to listen to 127.0.0.1 port 3310 regardless if it's enabled or disabled in the configuration.

After having a look in /usr/local/etc/clamd.conf I can see the entry for this
TCPAddr 127.0.0.1

How do I get it to listen on either ALL interfaces (*) or the local LAN address of the OPNSense server?

Am I doing something wrong here?

Regards,

   /Jonas...

Title: Re: os-clamav plugin only listens to 127.0.0.1
Post by: fabian on December 19, 2019, 11:04:26 pm

Strange - it should also listen on ::1 for IPv6 which should be used internally.

Title: Re: os-clamav plugin only listens to 127.0.0.1
Post by: Zapp on December 20, 2019, 11:08:41 am

Right now I have manually edited the clamd.conf and commented out the TCPAddr line and restarted the service clamav-clamd

This is my running clamd.conf.

Code: [Select]

LogFile /var/log/clamav/clamd.log
LogTime yes
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/db/clamav
LocalSocket /var/run/clamav/clamd.sock
FixStaleSocket yes
TCPSocket 3310
#TCPAddr 127.0.0.1
MaxThreads 10
MaxQueue 100
IdleTimeout 30
MaxDirectoryRecursion 20
User clamav
ScanPE yes
ScanELF yes
ScanOLE2 yes
ScanPDF yes
ScanSWF yes
ScanXMLDOCS yes
ScanHWP3 yes
ScanMail yes
ScanHTML yes
ScanArchive yes
MaxScanSize 100M
MaxFileSize 25M
MaxRecursion 16
MaxFiles 10000

A netstat gives only this.

Code: [Select]

# netstat -an | grep 3310
tcp4       0      0 *.3310                 *.*                    LISTEN
tcp6       0      0 *.3310                 *.*                    LISTEN

   /Jonas...

Title: Re: os-clamav plugin only listens to 127.0.0.1
Post by: Zapp on December 25, 2019, 02:24:44 am

Ok so, I take it nobody knows then. A compleat mystery, or...
I'm the only one using this plug in, or in this way at least.

Anybody care to point me in direction of the source code for this so I at least can have a go on finding out if it's a major bug or that it "works as designed".

Regards,

   /Jonas...

Skickat från min ONEPLUS A3003 via Tapatalk

Title: Re: os-clamav plugin only listens to 127.0.0.1
Post by: mimugmail on December 25, 2019, 08:50:59 am

Create an issue in GitHub please, I can take a look.

Not a major problem, theres a similar issue with rspamd resolving localhost to a different IP version which also breaks