Debian 6.0
Sponsored Link

Run with Clamav - SquidClamav
2011/03/13
  Install SquidClamav and Configure Proxy Server in order to scan download files to protect from virus. Install clamav first.

[1] Install Clamav-server first.
root@lan:~#
aptitude -y install clamav-daemon
[2] Download latest version of Squidclamav from the link below with wget.
http://sourceforge.net/projects/squidclamav/files/squidclamav/
# install some packages

root@lan:~#
aptitude -y install gcc make curl libcurl4-gnutls-dev


root@lan:~#
wget http://ftp.jaist.ac.jp/pub/sourceforge/c/project/c-/c-icap/c-icap/0.1.x/c_icap-0.1.4.tar.gz

root@lan:~#
tar zxvf c_icap-0.1.4.tar.gz

root@lan:~#
cd c_icap-0.1.4

root@lan:~/c_icap-0.1.4#
./configure

root@lan:~/c_icap-0.1.4#
root@lan:~/c_icap-0.1.4#
make install

root@lan:~/c_icap-0.1.4#

root@lan:~#
wget http://ftp.jaist.ac.jp/pub/sourceforge/s/project/sq/squidclamav/squidclamav/6.2/squidclamav-6.2.tar.gz

root@lan:~#
tar zxvf squidclamav-6.2.tar.gz

root@lan:~#
cd squidclamav-6.2

root@lan:~/squidclamav-6.2#
./configure

root@lan:~/squidclamav-6.2#
root@lan:~/squidclamav-6.2#
make install

root@lan:~/squidclamav-6.2#
root@lan:~#
vi /etc/squidclamav.conf


# line 17: change ( destination URL for redirect. Create it first )

redirect
http://www.srv.world/error.html


# line 25: change ( same with clamd )

clamd_local
/var/run/clamav/clamd.ctl

[3] Configure c-icap and Squid
root@lan:~#
vi /usr/local/etc/c-icap.conf


# line 140: change to admin's address

ServerAdmin
root@srv.world


# line 149: change to your servername

ServerName
lan.srv.world


# line 497: add

Service squidclamav squidclamav.so


root@lan:~#
vi /etc/squid3/squid.conf


# line 4689: add

icap_enable on


# line 4776: add

icap_send_client_ip on


# line 4784: add

icap_send_client_username on


# line 4789: add

icap_client_username_header X-Authenticated-User


# line 4855: add

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all


root@lan:~#
/usr/local/bin/c-icap &

[1] 14427
root@lan:~#
vi /etc/rc.local


# add near line 13

/usr/local/bin/c-icap


root@lan:~#
/etc/init.d/squid3 restart

Restarting Squid HTTP Proxy 3.x: squid3 Waiting.....................done.
Creating Squid HTTP Proxy 3.x cache structure ... (warning).
2011/03/13 06:08:05| Creating Swap Directories
[4] Try to access to a page that has trial virus from here.
http://www.eicar.org/anti_virus_test_file.htm
Click 'eicar.com' and rty to download it. Then, Virus will be detected and accessing is redirected to the page you set.
 
Matched Content
 
Tweet