Собрал из сырцов Squid-3.0.STABLE1, c_imap-180407, clamav-0.92. Настроил по статье http://www.opennet.me/base/net/clamav_icap_squid.txt.html, по HTTP на eiсar(http://www.eicar.org/anti_virus_test_file.htm#) Squid отработал на ура, но когда пытаюсь соединиться по HTTPS, squid разрешает скачать\просмотреть вирус не на что при этом не ругаясь. Подскажите в чем может быть проблема?Сборка squid
./configure --bindir=/bin --sbindir=/sbin --sysconfdir=/etc/squid3 --enable-delay-pools --enable-icap-client --enable-auth=basic,digest,ntlm --enable-ntlm-auth-helpers=SMB --enable-basic-auth-helpers=SMB --disable-unlinkd --enable-stacktracess
Конфиг squid
http_port 192.168.2.1:3128
cache_dir ufs /var/cache/squid 100 32 512
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
refresh_pattern ^ftp: &n... 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl user src 192.168.2.2/255.255.255.255
http_access allow user
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
icap_enable on
icap_preview_enable on
icap_preview_size 128
icap_send_client_ip on
icap_service service_1 reqmod_precache 0 icap://localhost:1344/srv_clamav
icap_service service_0 respmod_precache 1 icap://localhost:1344/srv_clamav
icap_class class_antivirus service_0 service_1
icap_access class_antivirus allow all
cache_mgr squid@romashka.ru
coredump_dir /var/cache/squid
acl local-servers dstdomain .romashka.local
always_direct allow local-servers
Изменения в c_icap и clamav по документации:
c_icap:
User nobody
TmpDir /tmp - ваш каталог временных файлов.
acl localsquid_respmod src 127.0.0.1 type respmod
acl localsquid src 127.0.0.1
acl externalnet src 0.0.0.0/0.0.0.0
icap_access allow localsquid_respmod
icap_access allow localsquid
icap_access deny externalnet
srv_clamav.ClamAvTmpDir /tmp
srv_clamav.VirSaveDir /var/infected/
srv_clamav.VirHTTPServer "DUMMY"
clamav:
LogFile /var/log/clamd.log
TemporaryDirectory /tmp
DatabaseDirectory /var/lib/clamav
LocalSocket /tmp/clamd
User clamav
PS: над темой подумал только после того как отправил сообщение, имел ввиду Squid + ClamAV по HTTPS НЕ проверяет на вирусы