[squid-users] Problems with Squid 3.5 and freshclam

Dear all,

I upgraded my squid installation from the default Centos 2.6 to the
current 3.5 version.
Since then, a number of network services do not work via Squid anymore.
The most problematic one is freshclam.
I can see in the access.log that the files are being transferred - even
with the result code of 200.
However, the software does not seem to "get" the entire file.

$ grep clamav /var/log/squid/access.log

1401792483.486 2113 10.1.1.1 TCP_MISS/200 24621072 GET
http://db.local.clamav.net/daily.cvd - HIER_DIRECT/81.223.20.171
application/octet-stream
1401793369.051 10741 10.1.1.1 TCP_MISS/200 64721048 GET
http://db.at.clamav.net/main.cvd - HIER_DIRECT/81.223.20.171
application/octet-stream
1401793409.859 5755 10.1.1.1 TCP_MISS/200 64721048 GET
http://db.at.clamav.net/main.cvd - HIER_DIRECT/81.223.20.171
application/octet-stream
1401793455.523 10597 10.1.1.1 TCP_MISS/200 64721048 GET
http://db.at.clamav.net/main.cvd - HIER_DIRECT/81.223.20.171
application/octet-stream
1401793505.637 20049 10.1.1.1 TCP_MISS/200 64721119 GET
http://db.local.clamav.net/main.cvd - HIER_DIRECT/193.1.193.64 text/plain

A freshclam -v shows the following output:

[root_at_proxy clamav]# freshclam -v
Current working dir is /var/lib/clamav
Max retries == 3
ClamAV update process started at Tue Jun 3 13:02:38 2014
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1094
Software version from DNS: 0.98.3
Connecting via proxy
Retrieving http://db.at.clamav.net/main.cvd
Trying to download http://db.at.clamav.net/main.cvd (IP: 10.1.1.1)
nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Operation now in progress (IP:
10.1.1.1)
WARNING: Can't download main.cvd from db.at.clamav.net
Querying main.0.77.0.0.0A0E0FE9.ping.clamav.net
Trying again in 5 secs...
ClamAV update process started at Tue Jun 3 13:03:24 2014
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1048
Software version from DNS: 0.98.3
Connecting via proxy
Retrieving http://db.at.clamav.net/main.cvd
Trying to download http://db.at.clamav.net/main.cvd (IP: 10.1.1.1)
nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Operation now in progress (IP:
10.1.1.1)
WARNING: Can't download main.cvd from db.at.clamav.net
Querying main.0.77.0.0.0A0E0FE9.ping.clamav.net
Trying again in 5 secs...
ClamAV update process started at Tue Jun 3 13:04:04 2014
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1008
Software version from DNS: 0.98.3
Connecting via proxy
Retrieving http://db.at.clamav.net/main.cvd
Trying to download http://db.at.clamav.net/main.cvd (IP: 10.1.1.1)
nonblock_recv: recv timing out (30 secs)
ERROR: getfile: Download interrupted: Operation now in progress (IP:
10.1.1.1)
ERROR: Can't download main.cvd from db.at.clamav.net
Querying main.0.77.0.0.0A0E0FE9.ping.clamav.net
Giving up on db.at.clamav.net...
ClamAV update process started at Tue Jun 3 13:04:45 2014
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 967
Software version from DNS: 0.98.3
Connecting via proxy
Retrieving http://db.local.clamav.net/main.cvd
Trying to download http://db.local.clamav.net/main.cvd (IP: 10.1.1.1)
nonblock_recv: recv timing out (30 secs)
ERROR: getfile: Download interrupted: Operation now in progress (IP:
10.1.1.1)
ERROR: Can't download main.cvd from db.local.clamav.net
Querying main.0.77.0.0.0A0E0FE9.ping.clamav.net
Giving up on db.local.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in
/etc/freshclam.conf is working. Check
http://www.clamav.net/support/mirror-problem for possible reasons.

A direct connection - without squid - works as expected.
Thanks very much for your help, Peter

-- 
Best regards,
DI Peter Burgstaller
---------------------------
Head of Hosted Services
SKIDATA AG
Untersbergstrasse 40
A-5083 Grödig / Salzburg
[p] +43 (0) 6246 888-4155
[f] +43 (0) 6246 888-7
[e] peter.burgstaller_at_skidata.com
[w] www.skidata.com
[§] www.skidata.com/legal-at.html
Please consider the environment before printing this e-mail.