Squid und ClamAV
Version vom 12. Dezember 2022, 15:41 Uhr von Linkai.zhang (Diskussion | Beiträge) (→Über git clone squidclamav Source runterladen)
Schaubild
![Bearbeiten](javascript:editDrawio("1858749731", "i-cap-clam-av.drawio.png", "png", false, false, false, true, "https://embed.diagrams.net")){kind=link}
Installation von Clamav
- apt install c-icap clamav clamdscan clamav-daemon libicapapi-dev libssl-dev git
Tool zum kompilieren
apt install gcc make
Über git clone squidclamav Source herunterladen
- git clone https://github.com/darold/squidclamav
Kompilieren
- cd squidclamav
- ./configure && make && make install
Squid Konfiguration erweitern
- /etc/squid/squid.conf
... icap_enable on icap_send_client_ip on icap_send_client_username on icap_client_username_encode off icap_client_username_header X-Authenticated-User icap_preview_enable on icap_preview_size 1024 icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav adaptation_access service_req allow all adaptation_access service_resp allow all ...
c-icap aktivieren
- cat /etc/default/c-icap
START=yes
- cat /etc/c-icap/c-icap.conf
Service squidclamav squidclamav.so
diverse Dienste starten
- systemctl restart clamav-freshclam.service
- systemctl restart clamav-daemon.service
- systemctl restart c-icap.service
- systemctl restart squid
Bugfix
cd /var/lib/clamav/ wget https://www.danami.com/hotfix/main.cvd wget https://www.danami.com/hotfix/daily.cld chown clamav:clamav main.cvd chown clamav:clamav daily.cld systemctl restart clamav-daemon
Hier kann man Testen
Der Log zum clamav
- tail -f /var/log/clamav/clamav.log
Tue Sep 27 15:12:56 2022 -> instream(local): Win.Test.EICAR_HDB-1(44d88612fea8a8f36de82e1278abb02f:68) FOUND Tue Sep 27 15:13:05 2022 -> instream(local): Win.Test.EICAR_HDB-1(44d88612fea8a8f36de82e1278abb02f:68) FOUND Tue Sep 27 15:13:16 2022 -> instream(local): Win.Test.EICAR_HDB-1(e4968ef99266df7c9a1f0637d2389dab:308) FOUND Tue Sep 27 15:14:12 2022 -> instream(local): Win.Test.EICAR_HDB-1(e4968ef99266df7c9a1f0637d2389dab:308) FOUND Tue Sep 27 15:15:43 2022 -> instream(local): Win.Test.EICAR_HDB-1(44d88612fea8a8f36de82e1278abb02f:68) FOUND Tue Sep 27 15:16:50 2022 -> instream(local): Win.Test.EICAR_HDB-1(e4968ef99266df7c9a1f0637d2389dab:308) FOUND Tue Sep 27 15:16:57 2022 -> instream(local): Win.Test.EICAR_HDB-1(44d88612fea8a8f36de82e1278abb02f:68) FOUND