Re: [squid-users] squid <-> trend micro viruswall

On Wed, Nov 05, 2003 at 03:58:48PM +0100, Martial Paupe wrote:
> In my company, we use in our DMZ squid and the product trendmicro
> viruswall in the following way.
>
> corp. network <-> Squid <-> viruswall <-> Internet
>
> The proxy squid listening on port 3128 and viruswall listening 3128 for HTTP
> traffic and port 21 for FTP traffic.
>
> HTTP request <->squid 3128 <-> 3128 viruswall <-> Internet
> FTP request <-> 21 viruswall <-> Internet
>
> Today traffic HTTP crosses by squid and then viruswall by port 3128, But
> traffic ftp crosses only by viruswall on port 21. Thus with this system I
> loses the benefit of the cache.
>
> goal :
> I would wish to say to squid to use port 3128 for the HTTP traffic and
> port 21 for ftp traffic.
>
> HTTP request <->squid 3128 <-> 3128 viruswall <-> Internet
> HTTP request <->squid 3128 <-> 21 viruswall <-> Internet

You could use ACLs with the "cache_peer" directive. However from my own
experience I know that you can tell the VirusWall to use the same TCP
port for both HTTP and FTP requests. Have you tried that?

Good luck with the VirusWall. After months of trying your setup I gave
up. The VirusWall screwed up a lot of complex pages. Embedded images
went away, HTML pages only loaded half... I've had it with this junk
product.

Just out of curiosity: what OS are you using? From what I know only a
very outdated RedHat release is supported (7.2?).

Regards
 Christoph

-- 
~
~
".signature" [Modified] 3 lines --100%--                3,41         All