Squid ClamAV as ICAP Service
The following steps show how to install and chain SquidClamAV ICAP anti virus with Web Safety ICAP web filter. All instructions are run on virtual appliance for VMware vSphere/ESXi from our site.
SquidClamav is an antivirus for Squid proxy based on the Awards winnings ClamAv anti-virus toolkit. Using it will help you securing your home or enterprise network web traffic. SquidClamav is the most efficient Squid Redirector and ICAP service antivirus tool for HTTP traffic available for free, it is written in C and can handle thousand of connections. The way to add more securing on your network for free is at http://squidclamav.darold.net. Thanks a lot to Gilles Darold - SquidClamav developer and maintainer!
Step 1: Install Packages
In order to install all necessary packages run script 01_install.sh from
this archive. Contents of this script are shown below. Scripts are also available from https://github.com/diladele/websafety-virtual-appliance/tree/release-5.0.0/scripts.clamav repository.
#!/bin/bash # check we are root if [[ $EUID -ne 0 ]]; then echo "This script must be run as root" 1>&2 exit 1 fi # stop immediately on any error set -e # install clamav apt-get -y install clamav apt-get -y install clamav-daemon # install c-icap apt-get -y install c-icap apt-get -y install libicapapi-dev # drop build folder for squidclamav rm -R build/squidclamav 2>&1 > /dev/null || true # make build folder mkdir -p build/squidclamav # decend into working directory pushd build/squidclamav # get it wget http://downloads.sourceforge.net/project/squidclamav/squidclamav/6.16/squidclamav-6.16.tar.gz \ && gunzip squidclamav-6.16.tar.gz \ && tar -xvf squidclamav-6.16.tar # configure and build the package cd squidclamav-6.16 && ./configure --with-c-icap=/usr && make # install it make install # revert popd # echo echo echo SUCCESS: squidclamav module is built and installed successfully! echo SUCCESS: now run 02_configure.sh script to perform initial configuration. echo echo
Step 2: Configure SquidClamav
Now configure all services by running script 02_configure.sh from
this archive. Contents of this script are shown below.
#!/bin/bash # check we are root if [[ $EUID -ne 0 ]]; then echo "This script must be run as root" 1>&2 exit 1 fi # patch /etc/default/c-icap (make c-icap autostart) if [ ! -f /etc/default/c-icap.default ]; then cp -f /etc/default/c-icap /etc/default/c-icap.default fi patch /etc/default/c-icap < c-icap.patch # patch settings in c-icap.conf (enable squidclamav) if [ ! -f /etc/c-icap/c-icap.conf.default ]; then cp -f /etc/c-icap/c-icap.conf /etc/c-icap/c-icap.conf.default fi patch /etc/c-icap/c-icap.conf < c-icap.conf.patch # patch settings in squidclamav.conf (disable redirect and DNS lookup) if [ ! -f /etc/c-icap/squidclamav.conf.default ]; then cp -f /etc/c-icap/squidclamav.conf /etc/c-icap/squidclamav.conf.default fi patch /etc/c-icap/squidclamav.conf < squidclamav.conf.patch # good now restart all related services systemctl stop clamav-daemon systemctl stop c-icap systemctl start clamav-daemon systemctl start c-icap # check status (must be running) systemctl status clamav-daemon systemctl status c-icap echo echo echo SUCCESS: squidclamav module is configured successfully! echo SUCCESS: now change ICAP integration settings in Web Safety Web UI echo SUCCESS: Squid / ICAP / Integration. Set AV port to 1345 and echo SUCCESS: REQMOD/RESPMOD paths to squidclamav echo echo
There are three patches mentioned in the above scripts. All of them are to be found in
this archive. The patches make minor changes to configuration files of c-icap, squidclamav and clamav-daemon.
Step 3: Integrate SquidClamav and Web Safety
Finally to integrate SquidClamav and Web Safety into one ICAP chain, navigate to Admin UI / Squid Proxy / ICAP / Integration and check the Chain web filter with manually installed Anti-Virus service checkbox as indicated on the screenshot below.
Do not forget to click Save and Restart from Admin UI.