Ubuntu 11.04
Sponsored Link

Run with Clamav - SquidClamav2011/05/05
  Install SquidClamav and Configure Proxy Server in order to scan download files to protect from virus. Install clamav first.

[1] Install Clamd
root@lan:~#
aptitude -y install clamav-daemon

root@lan:~#
/etc/init.d/clamav-daemon start

* Starting ClamAV daemon clamd
  ...done.
[2] Download latest version of Squidclamav from the link below with wget.
http://sourceforge.net/projects/squidclamav/files/squidclamav/
# install some required packages first

root@lan:~#
aptitude -y install gcc make curl libcurl4-gnutls-dev c-icap libicapapi-dev


root@lan:~#
wget http://ftp.jaist.ac.jp/pub/sourceforge/s/project/sq/squidclamav/squidclamav/6.2/squidclamav-6.2.tar.gz

root@lan:~#
tar zxvf squidclamav-6.2.tar.gz

root@lan:~#
cd squidclamav-6.2

root@lan:~/squidclamav-6.2#
./configure --with-c-icap

root@lan:~/squidclamav-6.2#
make

root@lan:~/squidclamav-6.2#
make install

root@lan:~/squidclamav-6.2#
cd

root@lan:~#
vi /etc/squidclamav.conf


# line 17: change ( destination URL for redirect. Create it first )

redirect
http://www.srv.world/error.html


# line 25: change ( same with clamd )

clamd_local
/var/run/clamav/clamd.ctl
[3] Configure c-icap and Squid
root@lan:~#
vi /etc/default/c-icap


# line 6: change

START=
yes


root@lan:~#
vi /etc/c-icap/c-icap.conf


# line 142: change to admin's address

ServerAdmin
root@srv.world


# line 151: change to your servername

ServerName
lan.srv.world


# line 499: add

Service squidclamav squidclamav.so


root@lan:~#
vi /etc/init.d/c-icap


# line 107: add '!' because it is a mistake

if
!
running ; then
   echo "$NAME."
else
   echo " ERROR."
fi

root@lan:~#
/etc/init.d/c-icap start

Starting c-icap: c-icap.

root@lan:~#
vi /etc/squid3/squid.conf


# line 4761: add

icap_enable on


# line 4848: add

icap_send_client_ip on


# line 4856: add

icap_send_client_username on


# line 4861: add

icap_client_username_header X-Authenticated-User


# line 4932: add follows

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all


root@lan:~#
/etc/init.d/squid3 restart

* Restarting Squid HTTP Proxy 3.x squid3
* Waiting...
...done.
* Creating Squid HTTP Proxy 3.x cache structure
2011/05/05 03:31:41| Creating Swap Directories
...done.
[4] Try to access to a page that has trial virus from here.
http://www.eicar.org/anti_virus_test_file.htm
Click 'eicar.com' and rty to download it. Then, Virus will be detected and accessing is redirected to the page you set.
 
Matched Content