Debian 8: can't get ClamAV to listen on TCP 3310

Question

I am trying to get Clamav-daemon running on a Debian 8 system so that it will listen on TCP port 3310. I have done the following:

aptitude install clamav-daemon

Then modified /etc/clamav/clamd.conf so that it now has the following at the top:

# Added by me
TCPSocket 3310
TCPAddr localhost
# Already existed
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666

Restarted the service using service clamav-daemon restart.

I am finding that netstat -tap | grep clam is not returning anything. Running ps aux | grep clam returns:

clamav   18559 11.4 10.3 649212 399604 ?       Ssl  14:38   0:15 /usr/sbin/clamd --foreground=true

There is an autogenerated file /etc/systemd/system/clamav-daemon.socket.d/extend.conf that contains:

[Socket]
ListenStream=
SocketUser=clamav
ListenStream=/var/run/clamav/clamd.ctl
SocketGroup=clamav
SocketMode=666

The only thing I can see in the logs is:

TCP: No tcp AF_INET/AF_INET6 SOCK_STREAM socket received from systemd

Does anyone know why I may be having trouble getting ClamAV to run on TCP:3310?

score 3 · Answer 1 · answered Nov 24 '20 at 09:09

3

simply running

dpkg-reconfigure clamav-daemon

and choosing TCP socket and required port and interface ip (can be any) will get this working properly . You can accept defaults for all other values or specify them.

answered Nov 24 '20 at 09:09

Samer Bitar

31
1

score 2 · Answer 2 · answered Dec 19 '17 at 16:48

I tried all the other suggestions above and couldn't get it to work.

However, running dpkg-reconfigure clamav-daemon and choosing TCP early on in the configuration options (rather than UNIX) and defaults for everything else worked for me on Ubuntu 16.04.

score 1 · Answer 3 · answered Aug 24 '16 at 18:50

I now have it working but it is no where near as nice to configure as it was on Debian 7.

I can only have either TCP or unixsocket (not sure why) but not both running. Hence I am using:

/etc/systemd/system/clamav-daemon.socket.d/extend.conf

[Socket]
ListenStream=
SocketUser=clamav
ListenStream=3310

/etc/clamav/clamd.conf only has:

TCPSocket 3310

and does not have the unix socket information in it. So this is REMOVED:

LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666

Then in order to get Exim4 to use it I have:

av_scanner = clamd:127.0.0.1:local

and I couldn't use localhost in there. It had to be 127.0.0.1.

score 1 · Answer 4 · answered Mar 09 '18 at 20:13

First purge everything clamav related:

apt-get purge clamav clamav-base clamav-daemon clamav-freshclam clamav-milter clamdscan clamassassin

Then re-install:

apt-get install clamav clamav-base clamav-daemon clamav-freshclam clamav-milter clamdscan clamassassin

Then in /etc/clamav/clamd.conf add

TCPSocket 3310
TCPAddr 127.0.0.1

-above- the existing LocalSocket entry. Else it set things up but times out during execution. Then in /etc/systemd/system/clamav-daemon.socket.d/extend.conf add

ListenStream=127.0.0.1:3310

at the bottom. This will leave the Unix Socket operating as expected and create a listener on port 3310 using "init" as the conduit to the socket. Then re-start the service:

service clamav-daemon restart

and check that init is listening on port 3310:

netstat -anp | grep 3310

Then test out ThunderBird's Add-Ons -> clamdrib -> Preferences -> Test

score 0 · Answer 5 · answered Aug 31 '16 at 15:32

i don't have enough rep here to comment (as my solution is on a different distro), but on an install of ubuntu 16.04, this worked for me:

modifying clamav-daemon.socket directly:

[Socket]
ListenStream=/run/clamav/clamd.ctl
ListenStream=xx.xx.xx.xx:3310
SocketUser=clamav
SocketGroup=clamav
RemoveOnStop=True

Adding it to extend.conf did not work for me, but when i commented everything out of extend.conf and reloaded and restarted it listened on both.

Before this change i saw the same issue as @Doahh

score 0 · Answer 6 · answered Jun 28 '17 at 13:48

After tested many times on Ubuntu 16.04, i got it working.

Comment out all ListenStream= in /lib/systemd/system/clamav-daemon.socket. If you don't comment out them, you will get error like TCP: Received more than two file descriptors from systemd and clamav cannot start.
Add your own ListenStream= line(s) in /etc/systemd/system/clamav-daemon.socket.d/extend.conf. multiple ListenStream= (one socket, one network port) is supported like this:

[Socket] ListenStream=/run/clamav/clamd.ctl ListenStream=xx.xx.xx.xx:3310 SocketUser=clamav SocketGroup=clamav RemoveOnStop=True

Debian 8: can't get ClamAV to listen on TCP 3310

6 Answers6

Linked