This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
антивирусная_защита_web_трафика_squid [2014/02/06 16:16] val [Ubuntu] |
антивирусная_защита_web_трафика_squid [2018/03/19 16:27] val [Ubuntu] |
||
---|---|---|---|
Line 2: | Line 2: | ||
* [[Сервис Clamav]] | * [[Сервис Clamav]] | ||
+ | |||
+ | ===== Использование HAVP - HTTP Antivirus Proxy ===== | ||
+ | |||
+ | * [[http://interface31.ru/tech_it/2010/06/ubuntu-server-nastraivaem-antivirusnyj-fil-tr-routera-clamav.html|Ubuntu Server. Настраиваем антивирусный фильтр роутера (ClamAV)]] | ||
+ | |||
+ | ==== Debian/Ubuntu ==== | ||
+ | |||
+ | <code> | ||
+ | root@gate:~# apt install havp | ||
+ | |||
+ | root@gate:~# cat /etc/havp/havp.config | ||
+ | </code><code> | ||
+ | ... | ||
+ | # Only for courses | ||
+ | SERVERNUMBER 2 | ||
+ | ... | ||
+ | BIND_ADDRESS 127.0.0.1 | ||
+ | ... | ||
+ | # ENABLECLAMLIB true | ||
+ | ... | ||
+ | ENABLECLAMD true | ||
+ | ... | ||
+ | CLAMDSOCKET /var/run/clamav/clamd.ctl | ||
+ | ... | ||
+ | </code><code> | ||
+ | root@gate:~# usermod clamav -G havp | ||
+ | |||
+ | root@gate:~# service clamav-daemon restart | ||
+ | |||
+ | root@gate:~# service havp restart | ||
+ | </code> | ||
+ | |||
+ | ==== FreeBSD ==== | ||
+ | |||
+ | * [[http://www.bsdportal.ru/viewtopic.php?f=9&t=26787|clamav+havp Can't allocate memory]] | ||
+ | <code> | ||
+ | [gate.corpX.un:~] # pkg install havp | ||
+ | |||
+ | [gate.corpX.un:~] # touch /usr/local/etc/havp/whitelist | ||
+ | [gate.corpX.un:~] # touch /usr/local/etc/havp/blacklist | ||
+ | [gate.corpX.un:~] # mkdir -p /usr/local/etc/havp/templates/en/ | ||
+ | |||
+ | [gate.corpX.un:~] # cat /usr/local/etc/havp/templates/en/virus.html | ||
+ | </code><code> | ||
+ | <h1>Virus!!!</h1> | ||
+ | </code><code> | ||
+ | [gate.corpX.un:~] # pw groupmod havp -m clamav | ||
+ | [gate.corpX.un:~] # service clamav-clamd restart | ||
+ | |||
+ | [gate.corpX.un:~] # cat /usr/local/etc/havp/havp.config | ||
+ | </code><code> | ||
+ | ... | ||
+ | # REMOVETHISLINE deleteme | ||
+ | ... | ||
+ | BIND_ADDRESS 127.0.0.1 | ||
+ | ... | ||
+ | ENABLECLAMD true | ||
+ | ... | ||
+ | CLAMDSOCKET /var/run/clamav/clamd.sock | ||
+ | ... | ||
+ | </code> | ||
+ | |||
+ | * [[Управление сервисами в FreeBSD#Управление последовательностью запуска сервисов]] | ||
+ | |||
+ | <code> | ||
+ | [gate.corpX.un:~] # service havp rcvar | ||
+ | |||
+ | [gate.corpX.un:~] # service havp start | ||
+ | </code> | ||
+ | |||
+ | ==== Squid ==== | ||
+ | <code> | ||
+ | gate# cat squid.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default | ||
+ | cache_peer_access 127.0.0.1 allow all | ||
+ | acl Scan_HTTP proto HTTP | ||
+ | never_direct allow Scan_HTTP | ||
+ | ... | ||
+ | </code><code> | ||
+ | root@gate:~# service squid3 restart | ||
+ | </code> | ||
+ | |||
+ | ===== Использование squidclamav ===== | ||
+ | |||
* [[Сервис HTTP#Установка и запуск сервера Apache]] | * [[Сервис HTTP#Установка и запуск сервера Apache]] | ||
* [[Сервис HTTP#CGI интерфейс сервера]] Apache | * [[Сервис HTTP#CGI интерфейс сервера]] Apache | ||
- | ===== Установка пакета squidclamav ===== | + | ==== Установка пакета squidclamav ==== |
- | ==== FreeBSD ==== | + | === FreeBSD === |
<code> | <code> | ||
[gate:~] # pkg_add -r curl gmake | [gate:~] # pkg_add -r curl gmake | ||
Line 22: | Line 108: | ||
</code> | </code> | ||
- | ==== Ubuntu ==== | + | === Ubuntu === |
- | Попробовать: | + | |
- | [[http://stopxaker.ru/showthread.php?t=578]] | + | |
<code> | <code> | ||
root@gate:~# apt-get install build-essential autoconf automake checkinstall | root@gate:~# apt-get install build-essential autoconf automake checkinstall | ||
Line 49: | Line 134: | ||
</code> | </code> | ||
- | ===== Настройка пакета squidclamav ===== | + | ==== Настройка пакета squidclamav ==== |
- | ==== FreeBSD/Ubuntu ==== | + | === FreeBSD/Ubuntu === |
<code> | <code> | ||
gate# cat /usr/local/etc/squidclamav.conf | gate# cat /usr/local/etc/squidclamav.conf | ||
Line 66: | Line 151: | ||
- | ===== Тестирование ===== | + | ==== Тестирование ===== |
- | ==== FreeBSD/Ubuntu ==== | + | === FreeBSD/Ubuntu === |
<code> | <code> | ||
gate# cat squid.conf | gate# cat squid.conf | ||
Line 88: | Line 173: | ||
</code> | </code> | ||
- | ===== Настройка squid на использование squidclamav ===== | + | ==== Настройка squid на использование squidclamav ==== |
- | ==== FreeBSD/Ubuntu ==== | + | === FreeBSD/Ubuntu === |
<code> | <code> | ||
gate# cat squid.conf | gate# cat squid.conf | ||
Line 102: | Line 187: | ||
... | ... | ||
</code> | </code> | ||
- | |||