First, thanks for your reply...
> Where did you get that "fact"? I don't recall that being true.
I got it from several sites and my collegue. Didn't get anything in
changlogs of squidclamav or libc-icap-mod-squidclamav
<http://packages.debian.org/wheezy/libc-icap-mod-squidclamav>.
>
> * The old clamav integration provided the alternative URL
> automatically in the background and the browser would redirect to it
> without the user needing to do anything.
> * the ICAP filters mid-stream similar to havp. The early clamav
> server implementation did have issues around delaying the download
> while it pulled in and scanned the whole object. Not sure if that has
> been resolved or not.
>
If I define the http-request and http-response like the following, the
response (download file) should be send directly to the client?!
icap_service clamscan_req reqmod_precache routing=1
bypass=1 icap://localhost:1344/srv_clamav
icap_service clamscan_resp respmod_precache routing=1
bypass=1 icap://localhost:1344/srv_clamav
icap_service urlcheck_req reqmod_precache routing=1
bypass=1 icap://localhost:1344/urlscan
adaptation_service_chain CHAINS_REQ urlcheck_req clamscan_req
adaptation_access CHAINS_REQ deny CONNECT
adaptation_access CHAINS_REQ allow all
adaptation_service_chain CHAINS_RESP clamscan_resp
adaptation_access CHAINS_RESP allow all
> (I do not use clamav, so may be wrong.)
Which AV-Scanner do you use with squid? I'm thinking about using F-Secure...
>
> NP: When you go to squid3 you may want to use the 3.1.11 or later
> packages available in the Debian sid repositories. The squeeze package
> has a few annoying issues that do not qualify for fixing under the
> Debian policy.
>
In Debian squeeze there's currently squid 3.1.6-1.2 so I should give it
a try, shouldn't I? I did not found a bug which is very important on
http://bugs.debian.org/cgi-bin/pkgreport.cgi?package=squid3.
Thank you. :) Cheers
Received on Tue Apr 05 2011 - 12:05:33 MDT
This archive was generated by hypermail 2.2.0 : Tue Apr 05 2011 - 12:00:02 MDT