HTTP Anti-Virus Proxy

Hi ap_de and welcome to havp forum!

your questions:
a) block executable files is possible by squid self in beeing a little bit more restrictive on acl settings
take a look at description for multimedia blocking http://www.squid-cache.org/mail-archive/squid-users/200812/0549.html and create instead of multimedia file types your own file extension list

b) havp self is not able to scan https/ssl connection, cause of point to point encryption, but there is a way for example by apache and mod_proxy to let handle apache the encrypted requests. But this is quite more complicated
there is an instruction to do so: http://havp.hege.li/forum/viewtopic.php?t=188

regards

If you really REALLY want to block ALL executables, you could use a ClamAV signature like this:

Create file disallow.ndb or so in signature directory, containing line:


This will also match any executable in archives.

We're working on doing the https part of this as well using a custom sslproxy with dynamic certificate generation. This requires having a private CA loaded into all web browsers in the corporate network or you get invalid certifiate warnings.

I'll post more as we work through it.