On 17/02/11 20:46, Harald Dunkel wrote:
> Hi Jeff,
>
> On 02/16/11 16:40, jeffrey j donovan wrote:
>>
>> is squid configured as intercept ( aka transparent ) or as proxy?
>>
>> post squid.conf and we can see whats up.
>
> Sorry, I knew I had forgotten something. Here it is:
>
> # cat /etc/squid3/squid.conf | egrep -v ^\#\|^\$
> http_access allow all
> http_port 3128
> http_port 3129 intercept disable-pmtu-discovery=transparent
> hierarchy_stoplist cgi-bin ?
> cache_dir aufs /var/spool/squid3 4096 16 256
> coredump_dir /var/spool/squid3
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
> refresh_pattern . 0 20% 4320
> icap_enable on
> icap_preview_enable on
> icap_preview_size 128
> icap_send_client_ip on
> icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav
> icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav
> adaptation_access service_req allow all
> adaptation_access service_resp allow all
> dns_defnames on
>
The problem could be clam. AFAIK it requires the full object to do its
scan. Which means downloading the full thing then scanning before the
user gets to see the byte one of response. I'm not sure if the various
authors have updated clamav or squidclamav to handle tickle-scanning
yet. If they have check your version supports it.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.11 Beta testers wanted for 3.2.0.5Received on Thu Feb 17 2011 - 11:52:52 MST
This archive was generated by hypermail 2.2.0 : Thu Feb 17 2011 - 12:00:05 MST