[squid-users] Using ACLs with ICAP/SquidClamAV

From: Peter H. Lemieux <phl_at_cyways.com>
Date: Thu, 12 Jul 2012 16:17:05 -0400

This is my first posting. Please be gentle!

I've run Squid in many arrangements but only recently have I been using the
ICAP client to invoke SquidClamAV. I've browsed the wiki and searched on
Google, but I can't seem to figure out how I might use ACLs to control when
a request gets passed to the ICAP server.

We have a Windows server that wants to download an update file from
windowsupdate.com. That file triggers the known ClamAV false positive
W32.Virut.Gen.D-159. I'd like to write an ACL so that objects requested
from this machine's IP address are not passed to the ICAP server but sent
directly to the requesting machine.

I've written lots of ACLs in the past to exempt hosts, URL regexes, and the
like, but I can't seem to figure out how to do this with an ICAP request.
I've looked at the documentation for configuration file directives like
adaptation_access, icap_service, and the like, but I can't seem to find
anything that tells me how to use ACLs with those. Can anyone point me to
some documentation I might read, or suggest some methods to use ACLs with ICAP?


Received on Thu Jul 12 2012 - 20:17:13 MDT

This archive was generated by hypermail 2.2.0 : Fri Jul 13 2012 - 12:00:02 MDT