NAME
freshclam.conf - Configuration file for Clam AntiVirus database update tool
DESCRIPTION
The file freshclam.conf configures the Clam AntiVirus Database Updater, freshclam(1).
FILE FORMAT
The file consists of comments and options with arguments. Each line which starts with a hash (#) symbol is ignored by the parser. Options and arguments are case sensitive and of the form Option Argument. The arguments are of the following types:
|
BOOL |
Boolean value (yes/no or true/false or 1/0). | ||
|
STRING |
String without blank characters. | ||
|
SIZE |
Size in bytes. You can use ’M’ or ’m’ modifiers for megabytes and ’K’ or ’k’ for kilobytes. | ||
|
NUMBER |
Unsigned integer. |
DIRECTIVES
When an option
is not used (hashed or doesn’t exist in the
configuration file) freshclam takes a default action.
Example
If this option is set freshclam will not run.
LogFileMaxSize SIZE
Limit the size of the log file.
The logger will be automatically disabled if the file is
greater than SIZE. Value of 0 disables the limit.
Default: 1M
LogTime BOOL
Log time with each message.
Default: no
LogSyslog BOOL
Enable logging to Syslog. May
be used in combination with UpdateLogFile.
Default: disabled.
LogFacility STRING
Specify the type of syslog
messages - please refer to ’man syslog’ for
facility names.
Default: LOG_LOCAL6
LogVerbose BOOL
Enable verbose logging.
Default: disabled
LogRotate BOOL
Rotate log file. Requires
LogFileMaxSize option set prior to this option.
Default: no
PidFile STRING
Write the daemon’s pid to
the specified file.
Default: disabled
DatabaseDirectory STRING
Path to a directory containing
database files.
Default: /var/lib/clamav
Foreground BOOL
Don’t fork into
background.
Default: no
Debug BOOL
Enable debug messages in
libclamav.
Default: no
UpdateLogFile STRING
Enable logging to a specified
file. Highly recommended.
Default: disabled.
DatabaseOwner STRING
When started by root, drop
privileges to a specified user.
Default: clamav
Checks NUMBER
Number of database checks per
day.
Default: 12
DNSDatabaseInfo STRING
Use DNS to verify the virus
database version. FreshClam uses DNS TXT records to verify
the versions of the database and software itself. With this
directive you can change the database verification domain.
WARNING: Please don’t change it unless
you’re configuring freshclam to use your own database
verification domain.
Default: enabled, pointing to current.cvd.clamav.net
DatabaseMirror STRING
DatabaseMirror specifies to
which mirror(s) freshclam should connect. You should have at
least one entries: database.clamav.net. Now that CloudFlare
is being used as our Content Delivery Network (CDN), this
one domain name works world-wide to direct freshclam to the
closest geographic endpoint.
Default: database.clamav.net
PrivateMirror STR
This option allows you to
easily point freshclam to private mirrors. If PrivateMirror
is set, freshclam does not attempt to use DNS to determine
whether its databases are out-of-date, instead it will use
the If-Modified-Since request or directly check the headers
of the remote database files. For each database, freshclam
first attempts to download the CLD file. If that fails, it
tries to download the CVD file. This option overrides
DatabaseMirror, DNSDatabaseInfo and ScriptedUpdates. It can
be used multiple times to provide fall-back mirrors.
Default: disabled
MaxAttempts NUMBER
How many attempts (per mirror)
to make before giving up.
Default: 3 (per mirror)
ScriptedUpdates BOOL
With this option you can
control scripted updates. It’s highly recommended to
keep it enabled.
Default: yes
TestDatabases BOOL
With this option enabled,
freshclam will attempt to load new databases into memory to
make sure they are properly handled by libclamav before
replacing the old ones.
Default: enabled
CompressLocalDatabase BOOL
By default freshclam will keep
the local databases (.cld) uncompressed to make their
handling faster. With this option you can enable the
compression; the change will take effect with the next
database update.
Default: no
ExtraDatabase STRING
Download an additional 3rd
party signature database distributed through the ClamAV
mirrors. This option can be used multiple times.
Default: disabled
ExcludeDatabase STRING
Exclude a standard signature
database (opt-out). This option can be used multiple times.
Default: disabled
DatabaseCustomURL STRING
With this option you can
provide custom sources for database files. This option can
be used multiple times. Support for:
http(s)://, ftp(s)://, or file:// Example usage:
DatabaseCustomURL https://myserver.com:4567/allow_list.wdb
Default: disabled
HTTPProxyServer STR, HTTPProxyPort NUMBER
Use given proxy server and TCP
port for database downloads. The HTTPProxyServer may be
prefixed with [scheme]:// to specify which kind of proxy is
used.
http:// HTTP Proxy. Default when no scheme or proxy type is
specified.
https:// HTTPS Proxy. (Added in 7.52.0 for OpenSSL, GnuTLS
and NSS)
socks4:// SOCKS4 Proxy.
socks4a:// SOCKS4a Proxy. Proxy resolves URL hostname.
socks5:// SOCKS5 Proxy.
socks5h:// SOCKS5 Proxy. Proxy resolves URL hostname.
HTTPProxyUsername STR,HTTPProxyPassword STRING
Proxy usage is authenticated
through given username and password.
Default: disabled
HTTPUserAgent STRING
If your servers are behind a
firewall/proxy which applies User-Agent filtering, you can
use this option to force the use of a different User-Agent
header. As of ClamAV 0.103.3, this setting may not be used
when updating from the clamav.net CDN and can only be used
when updating from a private mirror.
Default: clamav/version_number
NotifyClamd STRING
Notify a running clamd(8) to
reload its database after a download has occurred. The path
for clamd.conf file must be provided.
Default: The default is to not notify clamd. See
clamd.conf(5)’s option SelfCheck for how clamd(8)
handles database updates in this case.
OnUpdateExecute STRING
Execute this command after the
database has been successfully updated.
Default: disabled
OnErrorExecute STRING
Execute this command after a
database update has failed.
Default: disabled
OnOutdatedExecute STRING
Execute this command when
freshclam reports outdated version. In the command string %v
will be replaced by the new version number.
Default: disabled
LocalIPAddress IP
Use IP as client address
for downloading databases. Useful for multi homed systems.
Default: Use OS’es default outgoing IP address.
ConnectTimeout NUMBER
Timeout in seconds when
connecting to database server.
Default: 10
ReceiveTimeout NUMBER
Maximum time in seconds for
each download operation. 0 means no timeout.
Default: 0
Bytecode BOOL
This option enables downloading
of bytecode.cvd, which includes additional detection
mechanisms and improvements to the ClamAV engine.
Default: yes
FILES
/etc/clamav/freshclam.conf
AUTHOR
Thomas Lamy <thomas.lamy [AT] netwake.de>, Tomasz Kojm <tkojm [AT] clamav.net>, Kevin Lin <klin [AT] sourcefire.com>