| billymayday |
10-15-2008 05:36 PM |
Can't get squidclamav redirecting with squid 2.6
I've been trying for some time to get squidclamav working properly with squid 2.6 in CentOS 5.2., but to no avail.
Squidclamav correctly scans the relevant files and tries to redirect to squid:
Quote:
Thu Oct 16 07:23:04 2008 [22965] LOG Redirecting URL to: /var/www/cgi-bin/clwarn.cgi?url=http://www.tech-pro.net/files/eicar.zip&source=192.168.1.100/-&user=-&virus=stream:+Eicar-Test-Signature+FOUND
|
The file /var/www/cgi-bin/clwarn.cgi exists
Quote:
ls -l /var/www/cgi-bin/clwarn.cgi
-rwxrwxrwx 1 root root 798 Feb 22 2008 /var/www/cgi-bin/clwarn.cgi
|
As far as I can tell I've added all the necessary settings to squid.conf (it's a little hard to tell because my basic squid.conf is more complex than inplied by teh install instructuctions)
Code:
SQUID 2.6 / 2.7 / 3.0 CONFIGURATION:
------------------------------------
As 2.6 has signifiant change in the configuration file regarding
redirector, to integrate squidclamav to your squid cache just edit
the squid.conf file and set the following:
on ACL definition you should have declared:
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
on http_acces definition you should declared the follwing :
http_access deny to_localhost
http_access allow localhost
url_rewrite_access deny localhost
and on the redirect section the following:
url_rewrite_program /usr/local/bin/squidclamav
url_rewrite_children 15
If you have huge access and enough memory set the url_rewrite_children to
upper value.
Squid is configured as a transparent proxy, and it is not an SELinux issue.
The end result is nothing happens - the file can be downloaded and no redirectin appears to happen. I've tried various entries for
redirect /var/www/cgi-bin/clwarn.cgi
in squidclamav.conf but to no avail.
Has anyone gotten this to work? I'm sure it's something really simple. |
