newbie2007
15.03.08, 20:57
Hi,
mein Proxy verrichtet brav seinen job, doch jetzt wollte ich noch einen Virenscanner einbinden, doch leider funkt der nicht ganz.
Also folgendes habe ich gemacht:
squid, clamav & clamd installiert
Nun habe ich mir folgende configs, doch leider funkt das nicht. Vielleicht kann mir jemand von euch helfen.
Meine squid.conf
http_port 172.16.8.8:3128
visible_hostname Test_Proxy
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 128 MB
cache_dir ufs /var/cache/squid 10000 16 256
emulate_httpd_log on
ftp_user squid@test.at
ftp_passive on
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
#redirect_program /usr/bin/squidGuard -c /etc/squid/squidguard.conf
#redirect_children 5
url_rewrite_program /usr/local/bin/squidclamav
url_rewrite_children 15
# W2k3 AD Ueberpruefung
external_acl_type NT_global_group ttl=0 children=5 %LOGIN /usr/lib/squid/wbinfo_group.pl
auth_param ntlm program /usr/bin/ntlm_auth --domain="Test" --require-membership-of="S-1-5-21-237610090-3384204998-2152441739-1247" --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param basic program /usr/bin/ntlm_auth --domain="Test" --require-membership-of="S-1-5-21-237610090-3384204998-2152441739-1247" --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Proxy - TEST GmbH
auth_param basic credentialsttl 5 hours
authenticate_ttl 1 hour
# Damit windowsupdate und netbanking bzw. java funkt
acl Java browser Java/1.4 Java/1.5 Java/1.6
acl Windows-Update dstdomain .microsoft.com .windowsupdate.com
http_access allow Java
http_access allow Windows-Update
acl ProxyUsers external NT_global_group wwwuser
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow AuthorizedUsers ProxyUsers
##################################### Logging ###########################################
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 4343 # https officescan
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
acl VERWALTUNG src 172.16.8.0/22
acl VPN src 192.168.0.0/26
http_access deny to_localhost
http_access allow localhost
url_rewrite_access deny localhost
http_access allow VERWALTUNG
http_access allow VPN
#http_access allow all
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr squid@test.at
cache_effective_user squid
cache_effective_group squid
forwarded_for off
coredump_dir /var/cache/squid
Meine squidclamav.conf
[SquidClamAV]
virusurl = http://www.test.at/
cleancache = 300
ForceProtocol = http
MaxRequestsize = 2Mb
log_priority = LOG_INFO
log_facility = LOG_LOCAL6
acceptredirects = 300 301 302 303
MIMETypes = all image/bmp image/gif image/jpeg image/png image/tiff text/html text/plain text/css
Timeout = 60.0
[Debug]
Infected = true
Clean = true
Error = true
Ignored = true
[Extensions]
pattern = all .exe .zip .rar .ar .com .bzip .gz
[Proxy]
http = http://172.16.8.8:3128
https = http://172.16.8.8:3128
[Whitelist]
Die clamd.conf ist so wie sie original installiert wird.
Vielleicht kann mir jemand von euch helfen.
mein Proxy verrichtet brav seinen job, doch jetzt wollte ich noch einen Virenscanner einbinden, doch leider funkt der nicht ganz.
Also folgendes habe ich gemacht:
squid, clamav & clamd installiert
Nun habe ich mir folgende configs, doch leider funkt das nicht. Vielleicht kann mir jemand von euch helfen.
Meine squid.conf
http_port 172.16.8.8:3128
visible_hostname Test_Proxy
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 128 MB
cache_dir ufs /var/cache/squid 10000 16 256
emulate_httpd_log on
ftp_user squid@test.at
ftp_passive on
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
#redirect_program /usr/bin/squidGuard -c /etc/squid/squidguard.conf
#redirect_children 5
url_rewrite_program /usr/local/bin/squidclamav
url_rewrite_children 15
# W2k3 AD Ueberpruefung
external_acl_type NT_global_group ttl=0 children=5 %LOGIN /usr/lib/squid/wbinfo_group.pl
auth_param ntlm program /usr/bin/ntlm_auth --domain="Test" --require-membership-of="S-1-5-21-237610090-3384204998-2152441739-1247" --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param basic program /usr/bin/ntlm_auth --domain="Test" --require-membership-of="S-1-5-21-237610090-3384204998-2152441739-1247" --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Proxy - TEST GmbH
auth_param basic credentialsttl 5 hours
authenticate_ttl 1 hour
# Damit windowsupdate und netbanking bzw. java funkt
acl Java browser Java/1.4 Java/1.5 Java/1.6
acl Windows-Update dstdomain .microsoft.com .windowsupdate.com
http_access allow Java
http_access allow Windows-Update
acl ProxyUsers external NT_global_group wwwuser
acl AuthorizedUsers proxy_auth REQUIRED
http_access allow AuthorizedUsers ProxyUsers
##################################### Logging ###########################################
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 4343 # https officescan
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
acl VERWALTUNG src 172.16.8.0/22
acl VPN src 192.168.0.0/26
http_access deny to_localhost
http_access allow localhost
url_rewrite_access deny localhost
http_access allow VERWALTUNG
http_access allow VPN
#http_access allow all
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr squid@test.at
cache_effective_user squid
cache_effective_group squid
forwarded_for off
coredump_dir /var/cache/squid
Meine squidclamav.conf
[SquidClamAV]
virusurl = http://www.test.at/
cleancache = 300
ForceProtocol = http
MaxRequestsize = 2Mb
log_priority = LOG_INFO
log_facility = LOG_LOCAL6
acceptredirects = 300 301 302 303
MIMETypes = all image/bmp image/gif image/jpeg image/png image/tiff text/html text/plain text/css
Timeout = 60.0
[Debug]
Infected = true
Clean = true
Error = true
Ignored = true
[Extensions]
pattern = all .exe .zip .rar .ar .com .bzip .gz
[Proxy]
http = http://172.16.8.8:3128
https = http://172.16.8.8:3128
[Whitelist]
Die clamd.conf ist so wie sie original installiert wird.
Vielleicht kann mir jemand von euch helfen.