On Wed, 11 Feb 2009 09:17:14 +1300 Jason Haar <jason.h...@trimble.co.nz> wrote:
> Steve Holdoway wrote: > > > > running squid and clamd to provide a cleaned feed for html traffic. > > > > You still don't say what that means. You cannot actually run clamav > inside squid - there's no such thing. You must be using some third-party > addon (of which there are several) that does that integration for you. > > As others have just pointed out, alot of the "redirector"-style squid > addons for doing this don't work well. They are slow and inefficient > IMHO. I think the only "proper" way to do AV integration is directly - > ie a proxy that natively supports AV. > > We use the open source HAVP proxy. It supports clamav, sophie, trophie, > and several other commercial AV products and works very well. We still > use it in conjunction with Squid, as it is a pure "AV proxy" and doesn't > have all the other "bells-and-whistles" that Squid has. We use Squid as > our frontends, and they are configured to use HAVP (running on the same > box) as parent proxies. End result: all the creamy goodness of Squid > plus the sanitized delightedness of clean webpages (well, mostly ;-) > > See http://www.server-side.de/ > > Jason > > > > -- > Cheers > > Jason Haar > Information Security Manager, Trimble Navigation Ltd. > Phone: +64 3 9635 377 Fax: +64 3 9635 417 > PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 > > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml Thanks, I'll look into that. I chose squidclamav as it seemed to be the most regularly updated project. I'll look into HAVP, now it's been pointed out quite how stupid the squidclamav implementation is! Cheers, Steve -- Steve Holdoway <st...@greengecko.co.nz> _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
