Re: [squid-users] Squid, Antivirus & Pf
On Mon, 04 Jul 2005 15:31:23 +0200 Maxime Woznicki <[EMAIL PROTECTED]> wrote: > I'm working on DansGuardian (dansguardian-2.8.0.3-antivirus-6.3.8) with > clamav (0.86.1) for a few days and I'm becoming crazy : Please ask in dansguardian list in the future, not here. Thanks. > When I use : > virusengine = 'clamdscan'/ > > dguard starts with no problems but it doesn't run clamdscan while > downloading file. Permissions problem. Basically you have to run both dansguardian and clamd as the same user. Regards, Nerijus
Re: [squid-users] Squid, Antivirus & Pf
* Maxime Woznicki <[EMAIL PROTECTED]>: > Hello, > I'm working on DansGuardian (dansguardian-2.8.0.3-antivirus-6.3.8) with > clamav (0.86.1) for a few days and I'm becoming crazy : Been there, done that. > When I use, in dansguardian.conf > > /virusengine = 'clamav'/ > > I get this error when running dguard : > > /LibClamAV Error: Can't gzdopen() descriptor 8 > cli_untgz: No such file or directory > LibClamAV Error: cli_cvdload(): Can't unpack CVD file. > LibClamAV Error: Can't load /usr/local/share/clamav/main.cvd: CVD > extraction failure/ Odd. > I'm sure that all libraries work fine and cvd files are correct. > > When I use : > / > virusengine = 'clamdscan'/ > > dguard starts with no problems but it doesn't run clamdscan while > downloading file. You must start clamdscan BEFORE and DG communicates with clamd by means of a socket. -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
Re: [squid-users] Squid, Antivirus & Pf
Hello, I'm working on DansGuardian (dansguardian-2.8.0.3-antivirus-6.3.8) with clamav (0.86.1) for a few days and I'm becoming crazy : On OpenBSD 3.6, I've solved compilation problems with pthreads and libraries inclusions. Clamav runs correctly. When I use, in dansguardian.conf /virusengine = 'clamav'/ I get this error when running dguard : /LibClamAV Error: Can't gzdopen() descriptor 8 cli_untgz: No such file or directory LibClamAV Error: cli_cvdload(): Can't unpack CVD file. LibClamAV Error: Can't load /usr/local/share/clamav/main.cvd: CVD extraction failure/ I'm sure that all libraries work fine and cvd files are correct. When I use : / virusengine = 'clamdscan'/ dguard starts with no problems but it doesn't run clamdscan while downloading file. What can I do ??? Thx for Help ! Max Odhiambo Washington wrote: * Ralf Hildebrandt <[EMAIL PROTECTED]> [20050629 17:33]: wrote: * Maxime Woznicki <[EMAIL PROTECTED]>: Hello, I'm trying to set up my own gateway using OpenBSD, Pf (filtering + QoS) and Squid. I have several problems : I would like to set up an antivirus running with squid. I've tried Squid + Squirm + Viralator + Clamav, which works finely, but i'm not really satisfied in term of performance and use of ressources. I use Squid + dansguardian (with the AV patch) instead I use the same. Squid+DansGuardian with the AV patch. I wonder what Squirm and Viralator does, but I will google later for details. -Wash http://www.netmeister.org/news/learn2quote.html -- +==+ |\ _,,,---,,_ | Odhiambo Washington<[EMAIL PROTECTED]> Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ Two wrongs don't make a right, but three lefts do.
Re: [squid-users] Squid, Antivirus & Pf
On Fri, 1 Jul 2005, Ralf Hildebrandt wrote: * Which AV scanners do speak ICAP? Several of the commercial ones do. I'd say it gets interesting if clamav/clamd speaks ICAP. Googled a little and seems it does.. http://c-icap.sourceforge.net/ The ClamAV integration is a "demo" of c-icap. The main culpit would be how this mix handles very large downloads, and obviously performance requirements. Regards Henrik
Re: [squid-users] Squid, Antivirus & Pf
* Henrik Nordstrom <[EMAIL PROTECTED]>: > On Thu, 30 Jun 2005, Ralf Hildebrandt wrote: > > >* where are the docs? > > in squid.conf and the AV manuals. > > >* Is it still being maintained? > > yes and no. But the icap branch is not considered to be production quality > by it's developers. :) > >* Which AV scanners do speak ICAP? > > Several of the commercial ones do. I'd say it gets interesting if clamav/clamd speaks ICAP. -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
Re: [squid-users] Squid, Antivirus & Pf
On Thu, 30 Jun 2005, Ralf Hildebrandt wrote: * where are the docs? in squid.conf and the AV manuals. * Is it still being maintained? yes and no. But the icap branch is not considered to be production quality by it's developers. * Which AV scanners do speak ICAP? Several of the commercial ones do. Regards Henrik
Re: [squid-users] Squid, Antivirus & Pf
* S.M.H. Hamidi <[EMAIL PROTECTED]>: > Hi, > > To answer your first question I suggest using squid > ICAP client. I think using ICAP can lead to better > performance. Yes, but: * where are the docs? * Is it still being maintained? * Which AV scanners do speak ICAP? -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
Re: [squid-users] Squid, Antivirus & Pf
Hi, To answer your first question I suggest using squid ICAP client. I think using ICAP can lead to better performance. --- Maxime Woznicki <[EMAIL PROTECTED]> wrote: > Hello, > I'm trying to set up my own gateway using OpenBSD, > Pf (filtering + QoS) > and Squid. > > I have several problems : > > I would like to set up an antivirus running with > squid. I've tried Squid > + Squirm + Viralator + Clamav, which works finely, > but i'm not really > satisfied in term of performance and use of > ressources. > Is there an efficient, free and really secure way to > set up such a thing > ? and which tools ? > > My second problem is that pf acts as a packet > filter, nat and QoS > (sharing dl bandwidth between hosts ip addresses > with pf (cbq) on > internal interface). But if I use squid for http and > ftp downloads, I > cannot control bandwidth sharing using pf. > I've red somewhere that is possible to manage > bandwidth with squid's acls. > How can I do that ? > > Thx for help. > > Max > Yahoo! Sports Rekindle the Rivalries. Sign up for Fantasy Football http://football.fantasysports.yahoo.com
Re: [squid-users] Squid, Antivirus & Pf
* Odhiambo Washington <[EMAIL PROTECTED]>: > I wonder what Squirm and Viralator does, but I will google later for > details. The same, but slower :) -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
Re: [squid-users] Squid, Antivirus & Pf
* Ralf Hildebrandt <[EMAIL PROTECTED]> [20050629 17:33]: wrote: > * Maxime Woznicki <[EMAIL PROTECTED]>: > > Hello, > > I'm trying to set up my own gateway using OpenBSD, Pf (filtering + QoS) > > and Squid. > > > > I have several problems : > > > > I would like to set up an antivirus running with squid. I've tried Squid > > + Squirm + Viralator + Clamav, which works finely, but i'm not really > > satisfied in term of performance and use of ressources. > > I use Squid + dansguardian (with the AV patch) instead I use the same. Squid+DansGuardian with the AV patch. I wonder what Squirm and Viralator does, but I will google later for details. -Wash http://www.netmeister.org/news/learn2quote.html -- +==+ |\ _,,,---,,_ | Odhiambo Washington<[EMAIL PROTECTED]> Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ Two wrongs don't make a right, but three lefts do.
Re: [squid-users] Squid, Antivirus & Pf
* Maxime Woznicki <[EMAIL PROTECTED]>: > Hello, > I'm trying to set up my own gateway using OpenBSD, Pf (filtering + QoS) > and Squid. > > I have several problems : > > I would like to set up an antivirus running with squid. I've tried Squid > + Squirm + Viralator + Clamav, which works finely, but i'm not really > satisfied in term of performance and use of ressources. I use Squid + dansguardian (with the AV patch) instead -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
[squid-users] Squid, Antivirus & Pf
Hello, I'm trying to set up my own gateway using OpenBSD, Pf (filtering + QoS) and Squid. I have several problems : I would like to set up an antivirus running with squid. I've tried Squid + Squirm + Viralator + Clamav, which works finely, but i'm not really satisfied in term of performance and use of ressources. Is there an efficient, free and really secure way to set up such a thing ? and which tools ? My second problem is that pf acts as a packet filter, nat and QoS (sharing dl bandwidth between hosts ip addresses with pf (cbq) on internal interface). But if I use squid for http and ftp downloads, I cannot control bandwidth sharing using pf. I've red somewhere that is possible to manage bandwidth with squid's acls. How can I do that ? Thx for help. Max