Debian 9 Stretch : Proxy Server : Squid + SquidClamav : Server World

Squid + SquidClamav

2017/06/26

	Install SquidClamav and Configure Proxy Server to scan download files to protect from Virus. Install Clamav first.
[1]	Install Clamd.

root@prox:~#

apt -y install clamav-daemon

[2]	Download the latest version of Squidclamav from the link below. ⇒ http://sourceforge.net/projects/squidclamav/files/squidclamav/

# install some required packages first

root@prox:~#

apt -y install gcc make curl libcurl4-gnutls-dev c-icap libicapapi-dev

root@prox:~#

wget --trust-server-names https://sourceforge.net/projects/squidclamav/files/squidclamav/6.16/squidclamav-6.16.tar.gz/download

root@prox:~#

tar zxvf squidclamav-6.16.tar.gz

root@prox:~#

cd squidclamav-6.16

root@prox:~/squidclamav-6.16#

./configure --with-c-icap

root@prox:~/squidclamav-6.16#

make

root@prox:~/squidclamav-6.16#

make install

root@prox:~/squidclamav-6.16#

root@prox:~#

ln -s /etc/c-icap/squidclamav.conf /etc/squidclamav.conf

root@prox:~#

vi /etc/squidclamav.conf

# line 18: change ( create a error page that is redirected to )

redirect

http://www.srv.world/error.html

[3]	Configure c-icap and Squid.

root@prox:~#

vi /etc/default/c-icap

# line 6: change

START=

yes

root@prox:~#

vi /etc/c-icap/c-icap.conf

# line 163: change to the admin email

ServerAdmin

root@srv.world

# line 172: change to the hostname

ServerName

prox.srv.world

# line 570: add

Service squidclamav squidclamav.so

root@prox:~#

vi /etc/squid/squid.conf

# line 6912: add

icap_enable on

# line 7033: add

adaptation_send_client_ip on

# line 7043: add

adaptation_send_username on

# line 7048: add

icap_client_username_header X-Authenticated-User

# line 7144: add follows

icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_req allow all
icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
adaptation_access service_resp allow all

root@prox:~#

systemctl restart clamav-daemon c-icap squid

[4]	It's OK all. Next, try to access to the site below from a ClientPC with Web browser, http://eicar.org/85-0-Download.html then, click the test Virus [eicar.com] to make sure to redirect the site you configured.