[sanesecurity] Re: local.ign updates

  • From: Paul Enlund <paul@xxxxxxxxxxxxx>
  • To: sanesecurity@xxxxxxxxxxxxx
  • Date: Wed, 24 Jun 2009 16:23:13 +0100

At 16:33 23/06/2009 -0700, you wrote:
> I am seeing a problem with the update of local.ign with
> clamav-unofficial-sigs.sh v3.5.3.
>
> I have as an entry "winnow.spam.ts.xmailer.hc.24". This signature has twice
> changed line number in winnow_spam_complete.ndb recently.
> However local.ign, its copy in /usr/unofficial-dbs/configs/local.ign
> and the entry in /usr/unofficial-dbs/configs/monitor-ign.txt all indicate
> line 170 where it should now be 172.
> The script is updating other entries correctly according to the logs but
> there are no references to winnow.spam.ts.xmailer.hc.24 ever being updated
> in local.ign

Paul, I see the issue.  Would you be willing to test this updated script:

http://www.inetmsg.com/pub/test/clamav-unofficial-sigs.sh

If so, let me know if this resolves it for you and I'll add it to the next
update I release.  If anyone else would like to try it, as well, feel free
- and feedback would be welcomed.

Thanks,

Bill

Bill

The issue with winnow.spam.ts.xmailer.hc.24 in local.ign is resolved. However, I am seeing another problem with the other entry, Sanesecurity.Junk.12334. This is triggering a reload every time the script runs.
Sanesecurity.Junk.12334 hexadecimal is signature unchanged, however signature name and/or line placement in junk.ndb has change to Sanesecurity.Junk.12334 - updated local.ign to reflect this change.

Junk.ndb was updated on the previous script run but not on the one producing the above update notice.

I have these debug comments in the script:
      comment "entry: $entry"
      comment "sig_file: $sig_file"
      comment "sig_hex: $sig_hex"
      comment "sig_name_old: $sig_name_old"
      comment "sig_ign_old: $sig_ign_old"
      comment "sig_old: $sig_old"
      comment "sig_new: $sig_new"
      comment "sig_mon_new: $sig_mon_new"
      if [ -n "$sig_new" ]

Do you want the output, and if so, on or off list?

Paul
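
The stale line-number condition discussed in this thread can be checked independently of the update script. The following is an added example, not part of the original message and not code from clamav-unofficial-sigs.sh. It assumes local.ign entries have the form db_file:line_number:signature_name and that the first colon-separated field of an .ndb record is the signature name. The function names, hex bodies and filler records are constructed, and the lookup is by signature name only.

```shell
#!/bin/sh
# Added example (not from clamav-unofficial-sigs.sh): report local.ign entries
# whose recorded line number no longer matches the signature's position.
# Assumed entry format: db_file:line_number:signature_name

# check_ign IGN_FILE DB_DIR -> one status line per entry: OK, STALE or MISSING
check_ign() {
    ign_file=$1
    db_dir=$2
    while IFS=: read -r db line name; do
        # Skip blank or malformed entries (empty field, non-numeric line number).
        [ -n "$db" ] && [ -n "$name" ] || continue
        case $line in ''|*[!0-9]*) continue ;; esac
        if [ ! -f "$db_dir/$db" ]; then
            echo "MISSING $db $name"
            continue
        fi
        # Literal string comparison, so dots in the name are not wildcards.
        cur=$(awk -F: -v n="$name" '$1 == n { print NR; exit }' "$db_dir/$db")
        if [ -z "$cur" ]; then
            echo "MISSING $db $name"
        elif [ "$cur" -eq "$line" ]; then
            echo "OK $db $name $line"
        else
            echo "STALE $db $name recorded=$line current=$cur"
        fi
    done < "$ign_file"
}

# demo: constructed sample data mirroring the 170 -> 172 shift described above.
demo() {
    d=$(mktemp -d) || return 1
    # 171 constructed filler records, then the signature on line 172.
    awk 'BEGIN { for (i = 1; i <= 171; i++) print "Example.Filler." i ":4:*:00ff" }' \
        > "$d/winnow_spam_complete.ndb"
    echo "winnow.spam.ts.xmailer.hc.24:4:*:0a0b0c" >> "$d/winnow_spam_complete.ndb"
    echo "Sanesecurity.Junk.12334:4:*:0d0e0f" > "$d/junk.ndb"
    printf '%s\n' \
        "winnow_spam_complete.ndb:170:winnow.spam.ts.xmailer.hc.24" \
        "junk.ndb:1:Sanesecurity.Junk.12334" > "$d/local.ign"
    check_ign "$d/local.ign" "$d"
    rm -rf "$d"
}

demo
```

A STALE line means the ignore entry no longer points at the signature it was meant to suppress, so the false-positive signature may be active again until local.ign is corrected.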



