On 06/04/11 00:05, Sebastian Schnur wrote:
First, thanks for your reply...
Where did you get that "fact"? I don't recall that being true.
I got it from several sites and my collegue. Didn't get anything in
changlogs of squidclamav or libc-icap-mod-squidclamav
<http://packages.debian.org/wheezy/libc-icap-mod-squidclamav>.
* The old clamav integration provided the alternative URL
automatically in the background and the browser would redirect to it
without the user needing to do anything.
* the ICAP filters mid-stream similar to havp. The early clamav server
implementation did have issues around delaying the download while it
pulled in and scanned the whole object. Not sure if that has been
resolved or not.
If I define the http-request and http-response like the following, the
response (download file) should be send directly to the client?!
icap_service clamscan_req reqmod_precache routing=1 bypass=1
icap://localhost:1344/srv_clamav
icap_service clamscan_resp respmod_precache routing=1 bypass=1
icap://localhost:1344/srv_clamav
icap_service urlcheck_req reqmod_precache routing=1 bypass=1
icap://localhost:1344/urlscan
adaptation_service_chain CHAINS_REQ urlcheck_req clamscan_req
adaptation_access CHAINS_REQ deny CONNECT
adaptation_access CHAINS_REQ allow all
adaptation_service_chain CHAINS_RESP clamscan_resp
adaptation_access CHAINS_RESP allow all
(I do not use clamav, so may be wrong.)
Which AV-Scanner do you use with squid? I'm thinking about using
F-Secure...
I don't run AV in the proxy. I run hosting servers with content scans
before it goes near the 'Net.
NP: When you go to squid3 you may want to use the 3.1.11 or later
packages available in the Debian sid repositories. The squeeze package
has a few annoying issues that do not qualify for fixing under the
Debian policy.
In Debian squeeze there's currently squid 3.1.6-1.2 so I should give it
a try, shouldn't I? I did not found a bug which is very important on
http://bugs.debian.org/cgi-bin/pkgreport.cgi?package=squid3.
If you like. The bugs I was referring to are closed by the newer uploads
and no longer show in deb bug tracker. I guess you can wait and see if
they matter (IP failures when IPv6 is supposed to be disabled or
unavailable).
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.6