HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
SQUID - HAVP - SQUID (Need Help!!!) http://havp.hege.li/forum/viewtopic.php?f=3&t=348 |
Page 1 of 1 |
Author: | chlee97 [ 26 Mar 2008 09:55 ] |
Post subject: | SQUID - HAVP - SQUID (Need Help!!!) |
Hi all, i configured my proxy as SQUID - HAVP - SQUID, and my browser still able to download virus file (eicar). BUT if i only used HAVP to download virus, HAVP able to detect the virus and block it. Please correct me if my settings as below are wrong ... HAVP.config ======== TEMPDIR /tmp PARENTPROXY 127.0.0.1 PARENTPORT 8081 PORT 8090 BIND_ADDRESS 127.0.0.1 MAXSCANSIZE 5000000 ENABLECLAMLIB true CLAMDBDIR /usr/local/share/clamav # other settings all set to DEFAULT SQUID.conf ======== http_port 81 http_port 127.0.0.1:8081 acl FROM_HAVP myport 8081 log_access deny FROM_HAVP cache_peer 127.0.0.1 parent 8090 0 name=havp proxy-only no-query no-digest no-netdb-exchange default cache_peer 127.0.0.1 parent 8081 0 name=squid2 proxy-only no-query no-digest no-netdb-exchange prefer_direct off nonhierarchical_direct off acl HTTPS proto HTTPS always_direct allow HTTPS never_direct allow !FROM_HAVP cache_peer_access havp deny FROM_HAVP cache_peer_access havp deny HTTPS cache_peer_access havp allow all cache_peer_access squid2 allow all cache_peer_access squid2 deny FROM_HAVP acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl white src "/etc/squid/whitelist.txt" # my whitelist ip address acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow white http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all # other settings all set to DEFAULT Please HELP ... Thank you Regards, Kenny |
Author: | chlee97 [ 26 Mar 2008 11:13 ] |
Post subject: | |
Hi all, a mistake from me ... i should clear the cache of squid first ... hehehe ... anyway my proxy is working fine now ... THank you Regards, Kenny |
Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |