root@gate:~# apt install havp
root@gate:~# cat /etc/havp/havp.config
...
# Only for courses
SERVERNUMBER 2
...
BIND_ADDRESS 127.0.0.1
...
# ENABLECLAMLIB true
...
ENABLECLAMD true
...
CLAMDSOCKET /var/run/clamav/clamd.ctl
...
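root@gate:~# usermod clamav -G 'havp'
root@gate:~# service clamav-daemon restart
root@gate:~# service havp restart
Note: without -a, usermod -G replaces the supplementary group list of clamav instead of adding to it; `usermod -a -G havp clamav` keeps any existing memberships.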
[gate.corpX.un:~] # pkg install havp
[gate.corpX.un:~] # touch /usr/local/etc/havp/whitelist
[gate.corpX.un:~] # touch /usr/local/etc/havp/blacklist
[gate.corpX.un:~] # mkdir -p /usr/local/etc/havp/templates/en/
[gate.corpX.un:~] # cat /usr/local/etc/havp/templates/en/virus.html
<h1>Virus!!!</h1>
[gate.corpX.un:~] # pw groupmod havp -m clamav
[gate.corpX.un:~] # service clamav-clamd restart
[gate.corpX.un:~] # cat /usr/local/etc/havp/havp.config
...
# REMOVETHISLINE deleteme
...
BIND_ADDRESS 127.0.0.1
...
ENABLECLAMD true
...
CLAMDSOCKET /var/run/clamav/clamd.sock
...
[gate.corpX.un:~] # service havp rcvar
[gate.corpX.un:~] # service havp start
gate# cat squid.conf
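...
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default
cache_peer_access 127.0.0.1 allow all
acl Scan_HTTP proto HTTP
never_direct allow Scan_HTTP
...
Note: only requests matched by Scan_HTTP (plain HTTP) are forced through the HAVP parent on port 8080; HTTPS traffic tunnelled with CONNECT is not scanned by this setup.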
root@gate:~# service squid3 restart
[gate:~] # pkg_add -r curl gmake
[gate:~] # cd /usr/ports/security/squidclamav
[gate:ports/security/squidclamav] # make install clean
[gate:~] # less /usr/local/etc/squidclamav.conf.dist
[gate:~] # touch /var/log/squidclamav.log
[gate:~] # chown squid /var/log/squidclamav.log
root@gate:~# apt-get install build-essential autoconf automake checkinstall
root@gate:~# apt-get install libcurl4-openssl-dev
root@gate:~# wget http://val.bmstu.ru/unix/src/squidclamav-5.3.tar.gz
root@gate:~# tar -xvf squidclamav-5.3.tar.gz
root@gate:~# cd squidclamav-5.3
root@gate:~/squidclamav-5.3# ./configure --prefix=/usr/local/
root@gate:~/squidclamav-5.3# make && make install
root@gate:~/squidclamav-5.3# mkdir /usr/local/etc
root@gate:~/squidclamav-5.3# less etc/squidclamav.conf
root@gate:~# touch /var/log/squidclamav.log
root@gate:~# chown proxy:proxy /var/log/squidclamav.log
Note: the tarball is downloaded over plain HTTP and then built and installed as root; before `make install`, compare the output of `sha256sum squidclamav-5.3.tar.gz` with a checksum obtained from a trusted source.
gate# cat /usr/local/etc/squidclamav.conf
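squid_ip 127.0.0.1
squid_port 3128
logfile /var/log/squidclamav.log
redirect http://server.corpX.un/cgi-bin/test-cgi
#freebsd
#clamd_local /var/run/clamav/clamd.sock
#linux
#clamd_local /var/run/clamav/clamd.ctl
Note: test-cgi and printenv are sample CGI scripts that echo request data; here they only make the url/source/user/virus parameters of the redirect visible. Outside the lab, point `redirect` at a dedicated notification page instead.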
gate# cat squid.conf
...
http_access allow localhost
...
gate# /usr/local/bin/squidclamav -c /usr/local/etc/squidclamav.conf
SquidClamav running as UID 0: writing logs to stderr
Thu Dec 4 16:06:14 2008 LOG Reading configuration from /usr/local/etc/squidclamav.conf
Thu Dec 4 16:06:14 2008 LOG SquidClamav (PID 14302) started
http://val.bmstu.ru/unix/virus.zip 195.19.32.125 squid GET
Thu Dec 4 16:07:03 2008 LOG Redirecting URL to: http://gate.corpX.un/cgi-bin/test-cgi?url=http://val.bmstu.ru/virus.zip&source=195.19.32.14&user=squid&virus=stream:+Worm.Sober.U-3+FOUND
http://gate.corpX.un/cgi-bin/printenv?url=http://val.bmstu.ru/virus.zip&source=195.19.32.14&user=mylog&virus=stream:+Worm.Sober.U-3+FOUND 195.19.32.14 squid GET
gate# cat squid.conf
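...
redirector_access deny localhost
http_access allow localhost
acl our_networks src 192.168.X.0/24
...
url_rewrite_program /usr/local/bin/squidclamav -c /usr/local/etc/squidclamav.conf
...
Note: squidclamav presumably fetches the object to scan through Squid itself (squid_ip 127.0.0.1, squid_port 3128 in squidclamav.conf), which is why localhost is allowed by http_access but excluded from the redirector, so that its own requests are not rewritten again.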