freshclam.conf

freshclam.conf(5) Clam AntiVirus freshclam.conf(5)

NAME

   freshclam.conf - Configuration file for Clam AntiVirus database update tool

DESCRIPTION

   The file freshclam.conf configures the Clam AntiVirus Database Updater, freshclam(1).

FILE FORMAT

   The  file  consists of comments and options with arguments. Each line which starts with a hash (#) symbol is ignored by the parser. Options and arguments are case sensitive and of the
   form Option Argument. The arguments are of the following types:

   BOOL   Boolean value (yes/no or true/false or 1/0).

   STRING String without blank characters.

   SIZE   Size in bytes. You can use 'M' or 'm' modifiers for megabytes and 'K' or 'k' for kilobytes.

   NUMBER Unsigned integer.

DIRECTIVES

   When an option is not used (hashed or doesn't exist in the configuration file) freshclam takes a default action.

   Example
          If this option is set freshclam will not run.

   LogFileMaxSize SIZE
          Limit the size of the log file. The logger will be automatically disabled if the file is greater than SIZE. Value of 0 disables the limit.
          Default: 1M

   LogTime BOOL
          Log time with each message.
          Default: no

   LogSyslog BOOL
          Enable logging to Syslog. May be used in combination with UpdateLogFile.
          Default: disabled.

   LogFacility STRING
          Specify the type of syslog messages - please refer to 'man syslog' for facility names.
          Default: LOG_LOCAL6

   LogVerbose BOOL
          Enable verbose logging.
          Default: disabled

   LogRotate BOOL
          Rotate log file. Requires LogFileMaxSize option set prior to this option.
          Default: no

   PidFile STRING
          Write the daemon's pid to the specified file.
          Default: disabled

   DatabaseDirectory STRING
          Path to a directory containing database files.  This directory must already exist, be an absolute path, be writeable by freshclam and readable by clamd/clamscan.
          Default: /var/lib/clamav

   Foreground BOOL
          Don't fork into background.
          Default: no

   Debug BOOL
          Enable debug messages in libclamav.
          Default: no

   UpdateLogFile STRING
          Enable logging to a specified file. Highly recommended.
          Default: disabled.

   DatabaseOwner STRING
          When started by root, drop privileges to a specified user.
          Default: clamav

   Checks NUMBER
          Number of database checks per day.
          Default: 12

   DNSDatabaseInfo STRING
          Use DNS to verify the virus database version. FreshClam uses DNS TXT records to verify the versions of the database and software itself. With this directive you can change  the
          database verification domain.
          WARNING: Please don't change it unless you're configuring freshclam to use your own database verification domain.
          Default: enabled, pointing to current.cvd.clamav.net

   DatabaseMirror STRING
          DatabaseMirror  specifies to which mirror(s) freshclam should connect. You should have at least one entries: database.clamav.net.  Now that CloudFlare is being used as our Con‐
          tent Delivery Network (CDN), this one domain name works world-wide to direct freshclam to the closest geographic endpoint.
          Default: database.clamav.net

   PrivateMirror STR
          This option allows you to easily point freshclam to private mirrors. If PrivateMirror is set, freshclam does not attempt to use DNS to determine whether its databases are  out-
          of-date,  instead  it will use the If-Modified-Since request or directly check the headers of the remote database files. For each database, freshclam first attempts to download
          the CLD file. If that fails, it tries to download the CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo and ScriptedUpdates. It can be used multiple times to pro‐
          vide fall-back mirrors.
          Default: disabled

   MaxAttempts NUMBER
          How many attempts (per mirror) to make before giving up.
          Default: 3 (per mirror)

   ScriptedUpdates BOOL
          With this option you can control scripted updates. It's highly recommended to keep it enabled.
          Default: yes

   TestDatabases BOOL
          With this option enabled, freshclam will attempt to load new databases into memory to make sure they are properly handled by libclamav before replacing the old ones.
          Default: enabled

   CompressLocalDatabase BOOL
          By default freshclam will keep the local databases (.cld) uncompressed to make their handling faster. With this option you can enable the compression; the change will take  ef
          fect with the next database update.
          Default: no

   ExtraDatabase STRING
          Download an additional 3rd party signature database distributed through the ClamAV mirrors. This option can be used multiple times.
          Default: disabled

   ExcludeDatabase STRING
          Exclude a standard signature database (opt-out). This option can be used multiple times.
          Default: disabled

   DatabaseCustomURL STRING
          With this option you can provide custom sources for database files. This option can be used multiple times.  Support for:
            http(s)://, ftp(s)://, or file:// Example usage:
            DatabaseCustomURL https://myserver.com:4567/allow_list.wdb
          Default: disabled

   HTTPProxyServer STR, HTTPProxyPort NUMBER
          Use given proxy server and TCP port for database downloads.  The HTTPProxyServer may be prefixed with [scheme]:// to specify which kind of proxy is used.
            http://     HTTP Proxy. Default when no scheme or proxy type is specified.
            https://    HTTPS Proxy. (Added in 7.52.0 for OpenSSL, GnuTLS and NSS)
            socks4://   SOCKS4 Proxy.
            socks4a://  SOCKS4a Proxy. Proxy resolves URL hostname.
            socks5://   SOCKS5 Proxy.
            socks5h://  SOCKS5 Proxy. Proxy resolves URL hostname.

   HTTPProxyUsername STR,HTTPProxyPassword STRING
          Proxy usage is authenticated through given username and password.
          Default: disabled

   HTTPUserAgent STRING
          If  your  servers  are  behind  a  firewall/proxy  which  applies User-Agent filtering, you can use this option to force the use of a different User-Agent header.  As of ClamAV
          0.103.3, this setting may not be used when updating from the clamav.net CDN and can only be used when updating from a private mirror.
          Default: clamav/version_number

   NotifyClamd STRING
          Notify a running clamd(8) to reload its database after a download has occurred. The path for clamd.conf file must be provided.
          Default: The default is to not notify clamd. See clamd.conf(5)'s option SelfCheck for how clamd(8) handles database updates in this case.

   OnUpdateExecute STRING
          Execute this command after the database has been successfully updated.
          Default: disabled

   OnErrorExecute STRING
          Execute this command after a database update has failed.
          Default: disabled

   OnOutdatedExecute STRING
          Execute this command when freshclam reports outdated version. In the command string %v will be replaced by the new version number.
          Default: disabled

   LocalIPAddress IP
          Use IP as client address for downloading databases. Useful for multi homed systems.
          Default: Use OS'es default outgoing IP address.

   ConnectTimeout NUMBER
          Timeout in seconds when connecting to database server.
          Default: 10

   ReceiveTimeout NUMBER
          Maximum time in seconds for each download operation. 0 means no timeout.
          Default: 0

   Bytecode BOOL
          This option enables downloading of bytecode.cvd, which includes additional detection mechanisms and improvements to the ClamAV engine.
          Default: yes

FILES

   /etc/clamav/freshclam.conf

AUTHOR

   Thomas Lamy <thomas.lamy@netwake.de>, Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>

SEE ALSO

   freshclam(1), clamd.conf(5), clamd(8), clamscan(1)

ClamAV 1.4.3 December 4, 2013 freshclam.conf(5)