Configurations for Sophos-SAVDI (savdid.conf):
> threadcount:
Normally it should be at least the maximum of customers.
> loglevel: 0
> address: 127.0.0.1
Configurations for Squid-ICAP (squid.conf):
> acl virus_found rep_header X-Blocked -i \ Virus found during virus scan
> http_reply_access deny v
Hello.
I have use squid 4.8 as reverse proxy. The problem is remote (or local?)
side close connection every 2-4 minutes with message "TCP_MISS_ABORTED/200"
in log.
Another one problem - downloader report incorrect speed and time.
random.bin 100%[>] 2.00M --.-KB/s in 0.0
Thank you for your time, patience and lessons learned.
Now it is all functional and I can no longer download the test file neither
by clicking nor with Save link as.
I will come back with a post that includes the necessary settings for both
Sophos SAVDI version 2.6 (I highly recommend it for scanni
ok think i have done it
#
acl DiscoverSNIHost at_step SslBump1
acl NoSSLIntercept ssl::server_name_regex -i .microsoft.com
ssl_bump splice NoSSLIntercept
ssl_bump peek DiscoverSNIHost
ssl_bump bump all
#
#URL deny MIME types
acl mimetype rep_mime_type application/octet-stream
http_reply_access den
Hi Amos,
ok, i have found the rule for it
acl DiscoverSNIHost at_step SslBump1
acl NoSSLIntercept ssl::server_name .microsoft.com
ssl_bump peek DiscoverSNIHost
ssl_bump splice NoSSLIntercept
ssl_bump bump all
but the thing is both windows updates and office activation use the exact
same cert fil
