Frank Fiene wrote:
Am 16.04.2009 um 17:52 schrieb Henrik K:
On Thu, Apr 16, 2009 at 03:57:35PM +0200, Frank Fiene wrote:
Hi i have a problem with integrating clamav with squivir2 into squid.
Not that it helps with this specific question, but get yourself a real
tool.
Redirector based virus scanners are flawed by design. You want to look at
proxy based scanners like HAVP (http://www.server-side.de/) or ICAP based
like c-icap (http://c-icap.sourceforge.net/). They offer performance and
security.
Is anyone using HAVP? I read only one sentence on the home page:
Disadvantage:
If the scanning process is too slow and the file is larger than the
defined "hold back data" you can still receive a virus! If the file
contains a virus and the file is bigger than the "hold back data" the
download will be cancelled with no warning. If you try to download the
file again you will get the error message (this feature is not
implemented yet).
My opinion: this is a no-go!
And ICAP is only working with Squid-3, this is not included in my
distribution! I don't want to compile squid every time when there is a
bugfix.
You don't have to rebuild every bug fix. Squid is only bundled every 4-8
weeks, its up to you whether anything you think important stuff has
changed and if to rebuild or not. Or whether just to grab the individual
fix patches and use them on your old bundle instead.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14
Current Beta Squid 3.1.0.7